(19) 



J) 



Europfiisches Patentamt 
European Patent Office 
Office europeen des brevets 



I 



(12) 



(11) EP 0 71 5 241 B1 

EUROPEAN PATENT SPECIFICATION 



(45) Date of publication and mention 
of the grant of tiie patent: 
14.01^004 Bulletin 2004/03 

(21) Application number; 95116615.6 

(22) Date of fiiing: 21 .10,1995 



(51) lntc|7: G06F1/00, H04N 7/167 



(54) Apparatus for data copyright management system 

Gerat fflr Dateiurheberrechte-Verwaltungssystem 

Appareii pour systeme de gestion de droits d'auteur de donn6es 



(84) Designated Contracting States: 
DE PR GB 

(30) Priority: 27.10.1994 JP 26420094 
02.12.1994 JP 29983594 

(43) Date of publication of application: 
05.06.1996 Bulletin 1996/23 

(73) Proprietor MITBUBISHl CORPORATION 
Chlyoda-ku, Tokyo 100-0005 (JP) 



m 

CM 
iO 

T- 

o 

Q. 

UJ 



(72) Inventors: 

• Satto, Makoto 
Tama-shir Tokyo (JP) 

• Momlkl, ShunichI 
Hlgashlmur-ayama-shl, Tokyo (JP) 

(74) Representative: Pfenning, Melnig & Partner 
Mozartstrasse 17 
60336 MQnchen (DE) 



(56) References cited: 
EP'A-0121 853 
WO-A-90/02382 



EP-A- 0 430 734 
US-A- 4 352 952 



Note: Within nine months from the publication of the mention of the grant of the European patent, any person may give 
notice to the European Patent Office of opposition to the European patent granted. Notice of opposition shall be filed in 
a written reasoned statement. It shall not be deemed to have been filed until the opposition fee has been paid. (Art, 
99(1) European Patent Convention). 



Printed t>y Jouve, 7B001 PARIS (FR) 



1 



EP 0 715 241 B1 



2 



Description 

Field of the Invention 

[0001 J The present invention relates to 6n apparatus s 
for displaying, storing, copying, editing or transmitting 
digital data In using data, and Intends to protect digital 
data copyrights. 

Bacl<ground of the invention 

[0002] in Infonnation-oriented society of today, a da- 
tabase systenn has been spread in which various data 
values having Independently been stored In each com- 
puter so far are mutually used by Qonnecting computers is 
by communication lines, 

[0003] The infonnation having been handled by the 
database system is classical type coded Infonnation 
which can be processed by a computer and has a small 
amount of infonnation or monochrome binary data like so 
facsimile data at most, Therefore, the database system 
has not been able to handle data with an extremely large 
amount of infonnation such as a natural picture and a 
motion picture, 

[0004] However, while the digital processing tech- 25 
nique for various electric signals develops, development 
of the digital processing artf or a picture signal otherthan 
binary data having been handled only as an analog sig- 
nal is progressed. 

[0005] By digitizing the above picture signal, a picture 30 
signal such as a television signal can be handled by a 
computer. Therefore, a "multimedia system" for han- 
dling various data handled by a computer and picture 
data obtained by digitizing a picture signal at the same 
time is noticed as a future technique. 35 
[O0O6] Because picture data includes an overwhelm- 
ingly large amount of infonnation compared to character 
data and audio data, it is difficult to directly store ortrans- 
mit the picture data or apply various processings to the 
picture data by a computer. 

[0007] Therefore, it has been considered to compress 
or expand the picture data and several standards for 
compressing or expanding picture data have been pre- 
pared. Among those standards, the following standards 
have been prepared so far as common standards: JPEG 
(Joint Photographic Image coding Experts Group) 
standard for a stilt picture, H.2ei standard for a video 
conference, MPEG1 {Moving Picture image coding Ex- 
perts Group 1) standard for storing pictures, and 
MPEG2 con-esponding to tiie present telecast and the so 
high-definition telecast. 

[0008] Real-time processing of digital picture data has 
been realized by these techniques. 
[0009] Because hitherto widely-spread analog data is 
deteriorated In quality whenever storing, copying, edit- 
Ing, or transmitting it, copyrights produced due to the 
above operation has not been a large problem. Howev- 
er, because digital data is not deteriorated In quality after 



repeatedly storing, copying, editing, or transmitting It, 
the control of copyrights produced due to the above op- 
eration Is a large problem. 

[001 0] Because there is not hitherto any exact method 
for dealing with a copyright for digital data, the copyright 
is handled by the Copyright Act or relevant contracts. 
Even in the Copyright Act, compensation money for a 
digital-type sound- or picture-recorder Is only systema- 
tized. 

[0011] Use of a database includes not only referring 
to the contents of the database but also nonnaiiy effec- 
tively using the database by storing, copying, or editing 
obtained data. Moreover, It is possible to transmit edited 
data to another person via on-line by a communication 
line or a pnsper recording medium. 
[0012] Furthermore, it is possible to transmit the edit- 
ed data to the database to enter it as new data. 
p0131 in an existing database system, only character 
data is handled. In a multimedia system, however, audio 
data and picture data which are originally analog data 
are digitized and fomned into a database in addition to 
the data such as characters which have been fomned 
into a database so far. 

[0014] Under the above situation, how to deal with a 
copyright of data fonned into a database Is a large prob- 
lem. However, there has not been adequate copyright 
management means for solving the probiem so far, par- 
ticularly copyright management means completed for 
secondary utilization of the data such as copying, edit- 
ing, or transmitting of the data. 
[0015] Although data of "Software with advertise- 
ment" or "free software" is, generally, available free of 
fee. It is copyrighted and its use may be restricted by the 
copyright depending on the way of use. 
[0016] Document EP 0 430 734 A1 discloses a meth- 
od and apparatus to protect application program soft- 
ware executed on a main PC. This Is achieved by con- 
necting an additional unitto the main PC which operates 
upon insertion of a PC card distributed together with a 
application software to be executed. The PC card com- 
prises a microprocessor, a local bus, a ROM, a RAM 
and an EEPROM. The application program software 
can onty be completely executed on the main PC If It 
transmits coded data to the PC card which then get de- 
coded by a decryption program Implemented on the PC 
card and transmitted bade to the main PC. Hence, tha 
protection mechanism is established. 
[0017] The inventor of the present invention et al. pro- 
posed a system for managing a copyright by obtaining 
a pennit l<ey from a l<ey control center via a public tele- 
phone line through Japanese Patent Lald-Open No. 
46419/1994 and Japanese [latent Laid-Open No, 
1 41 004/1 994 and moreover, proposed an apparatus for 
managing the copyright through Japanese Patent L^id- . 
Open No. 132916/1994. 

[0018] Furthermore, they proposed a system for man- 
aging a copyright of digital data through Japanese Pat- 
ent Application No. 648B9/1994, which corresponds to 
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EP-A-0 677 949, which is an Article 54 (3) EPC docu- 
ment, and Japanese Patent Application No. 
237673/1994, which corresponds to EP-A-0 704 785, 
which Is an Article 54(3) EPC document, 
[0019] In these systems and apparatus, one who ^ 
wants to view and listen encrypted programs requests 
to a control center for viewing by using communication 
device via a communications line, and lie control center 
sends a pennit key to the requester, performs charging . 
and collects a fee. io 
[0020] After receiving the pennit key, the requester 
sends the permit key to a receiver by using an on-line 
or offline means, the recelverthen decrypts the encrypt- 
ed programs using the permit key. 
[0021] l^oreover, the system disclosed In Japanese i^ 
Patent Application No. 64BB9/1 994 uses a program and 
copyright Information for managing the copyright in ad- 
dition to the pemntt key so that the copyright In display 
(Including process to sound), storage, copying, editing, 
or transmitting of the digital data in a database system 
including real-time transmission of a digital picture can 
be managed. The program for managing fie copyright 
watches and manages to prevent users from using other 
than the conditions of user^s request or pennission. 
[0022] The Japanese Patent Application No. 2S 
64889/1994 further discloses that data Is supplied with 
encrypted from a database, decrypted by copyright 
management program virhen displayed or edited, and 
encrypted again when It is stored, copied or transmitted. 
Also the copyri ght management program itself being 30 
encrypted; decrypted by a pemilt key; the copyright 
management program thus decrypted perfomnlng en- 
cryption and decryption of copyright data; and when da- 
ta is utilized other than storage and displaying, copyright 
information Including Infonnatlon of the Person who has 35 
utilized, being stored as history In addition to original 
copyright infonnatlon, are disclosed. 
[0023] Though the present Invention is described be- 
low, general description Is madofor cryptography at first. 
[0024] The cryptography Includes a secret-key cryp- 40 
tosystem and a publb-key cryptosystem. 
[0025] The secret-key cryptosystem is a cryptosys- 
tem using the same crypt key for encryption and decryp- 
tion. While this cryptosystem requires only a short time 
forencryption or decryption, the secret-key Is found, and 
thus, the cryption may be cryptanailzed. 
[0026] The public-key cryptosystem is a cryptosystem 
in which a key for encryption Is open to the public as a 
public-key and a key for decryption Is not open to the 
public. The key for encryption Is referred to as a public- so 
key and the key for decryption Is refen'ed to as a private- 
key. To use this cryptosystem, it is necessary that a party 
for transmitting Infonnatlon encrypts the Infomnatton 
with a public-key of a party for receiving the Infonnatlon 
and the party for receiving the Information decrypts the 
Information with a private-key not open to the public. 
While this cryptosystem requires relatively a long time 
forencryption or decryption, the private-key can hardly 



be found and It is very difficult to cryptanalyze the cryp- 
tion. 

[0027] In the cryptography, a case of encrypting a 
plaintext M with a crypt key K to obtain a cryptogram C 
Is expressed as 

C ^ E(K, M) 

and a case of decrypting the cryptogram C with the crypt 
key K to obtain the plaintext M is expressed as 

M = D(K, C). 

[0028] The cryptosystem used for the present Inven- 
tion uses a secret-key cryptosystem In which the same 
secret-key Ks Is used for encryption and decryption, and 
a public-key cryptosystem In which a public-key Kb is 
used for encryption of a plaintext and a private-key Kv 
is used for decryption of a cryptogram. 
[0029] Figure 1 shows a structure of the data copy- 
right management system disclosed in the prior Japa- 
nese Patent /Application No. 237673/1994 in which the 
apparatus for data copyright management system of the 
present invention Is used. 

[D030] tn this system, encrypted data Is two-way sup- 
plied in accordance with a requestfrom the primary user 
4. 

[0031 ] Th is system uses th e secret-key cryptosystem 
and the public-key cryptosystem as a cryptosystem. 
[0032] It Is matter of course that this system can be 
applied when using a satellite broadcast, ground wave 
broadcast, CATV broadcast or a recording medium oth- 
er than a database as data supply means provided with 
advertisement requiring no charge or encryption. 
[0033] In this system, reference numeral 1 represents 
a database, 4 represents a primary user terminal, 5 rep- 
resents a secondary user tenninal, 6 represents a terti- 
ary usertemiinal, and 7 represents an n-order user ter- 
minal. 

[0034] And 3 represents a copyright management 
center, 8, 9, and 1 0 represent a secondary copyright da- 
ta, tertiary copyright data, and n-order copyright data 
stored at the copyright management center 3 , and 2 rep- 
resents a communication network such as a public tel- 
ephone lino offered by a communication enterprise or a 
CATV line offered by a cable television enterprise. 
[0035] On the above arrangement, the database 1 , 
primary user temiinal 4, secondary user terminal 5, ter- 
tiary usertemiinal 6, n-order user terminal 7, and cop- 
yright management center 3 are connected to the com- 
munication network 2 and also they can be connected 
each other. 

[0036] In this figure, a path shown by a broken line 
represents a path for encrypted data, a path shown by 
a solid line represents a path of requests from each user 
temnlnal, a path shown by a one-dot chain line repre- 



3 



5 



EP 0 715 241 B1 



6 



sents a path through which authorization Information 
corresponding to a utilization request in each data and 
a crypt l^ey are transferred, and a path shown by a two- 
dot chain line represents a path through which copyright 
information is transferred from the database or f ronn the p 
data to a next-order data within copyright management 
center, 

[0037] Each user who uses this system is previously 
entered In a database system and in this time, database . 
utilization software Is provided him. The database utill- io 
zatlon software includes a program for decrypting an en- 
crypted copyright management program in addition to 
normal communication software such as data commu- 
nicating protocol. 

[0038] To use the database 1 , a primary user prepares is 
primary-user authentication datd Au1 , a first pubilc-lcey 
Kb1, a first private-key Kvl corresponding to the first 
public-key Kb1 , a second public-key Kb2, and a second 
private-key Kv2 corresponding to the second public-key 
Kb2, and accesses the database 1 from the primary user so 
terminal 4 via the communication network 2. 
[0030] The database 1 receiving the primary-user au- 
thentication data Au1, first public-key Kbi and second 
public-key Kb2 from \he primary user confirms the pri- 
mary-user authentication data Au1 and transfers the 25 
confirmed primary-user authentication data Au1 to the 
secondary copyright management center 3 as the pri- 
mary user infomriation lul. 

[0040] The database 1 prepares two secret-keys, that 
is, first secret-key Ksl and second secret-key Ks2. so 
[0041] in the prepared first secret-key Ksl and sec- 
ond secret-key Ks2. the second secret-key Ks2 Is also 
previously transferred to the copyright management 
center 3. 

[0042] As the result of the above transfer, a pennit key 35 
corresponding to primary utilization, the primary user in- 
fonnatlon Iu1 , original copyright Infomnation IcO and the~ - 
second secret-key Ks2 are stored in the copyright man- 
agement center 3. In this case, the original copyright In- 
fonrmtlon IcO Is used for copyright royalties distribution. 40 
[0043] When a primary user who desires data utiliza- 
tion accesses the database 1 from the primary user ter- 
minal 4, a data menu is transferred to him. In this case, 
infomnation for charges may be displayed together with 
the data menu. ''^ 
[0044] When the data menu Is transferred, the prima- 
ry user retrieves In the data menu to select the data I^. 
In this case, the original copyright infomriation IcO of the 
selected data M is transmitted to the copyright manage- 
ment centers. The primary user selects pennit key Kpl so 
corresponding to the required fomn of the usage such 
as viewing, storing, copying, editing and transmitting of 
data. Pemnlt key Kp1 Is also transmitted to the copyright 
management center 3. 

[0045] Because viewing and storing of data are the ss 
minimum required forms of use for the primary user, 
these forms of use may be excluded from the choices 
as the minimum usage, and offering only copying, edit- 



ing and transmitting as the choices. 
[0046] The original data MO is read out of the data- 
base 1 1n accordance with a request of the primary user. 
The read original data W\0 Is encrypted by the first se- 
cret-key Ksl; 

CmOksl = E(Ks1,IVI0). 

[0047] The encrypted data CmOksl is provided with 
the uncrypted original copyright Infomnation IcO. 
[0048] The first secret-key Ksl Is encrypted by the 
first public-key Kb1 and the second secret-key Ks2 Is 
encrypted by the second public-key kb2; 

Cks1kb1 ^ E(Kb1. Ksl) 



Cks2kb2 = E(Kb2, Ks2). 

[0049] While the copyright management program P Is 
also encrypted by the second secret-key Ks2 

CpKs2=E(Ks2, P), 

the copyright management program P must not always 
be encrypted by the second secret-key Ks2 but it may 
be encrypted by any other proper crypt key. 
[0050] The encrypted original data CmOksl , encrypt- 
ed copyright management program Cpks2, and two en- 
crypted secret-keys Ckslkbl and Cks2kb2 are trans- 
ferred to the primary usertemninal 4 via the communi- 
cation networtc 2, and charged, if necessary. 
[0051] it is possible to store the encrypted copyright 
management program Cpks2 such as In a ROM in the 
usertemilnal 4 instead of being supplied from the data- 
base 1. 

[0052] The primary user receiving the encrypted orig- 
inal data CmOksl , two encrypted secret-keys Cks1 kb1 
and Cks2kb2, and encrypted copyright management 
program Cpks2 from the database 1 decrypts the en- 
crypted first secret-key Gksl kbi by the database utili- 
zation software using the first private-kiey Kvl corre- 
sponding to the first public-key Kbi : 

Ks1 =D(Kv1, Ckslkbl). 

and decrypts the encrypted second secret-key Cks2kb2 
using the second private-key Kv2 con^espondlng to the 
second publlc-key Kb2: 

Ks2=D(Kv2,Cks2kb2). 

[0053] And the primary user decrypts the encrypted 
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copyright management program Cpks2 using the de^ 
crypted second secret-key Ks2: 

P=D{Ks2,Cpks2), 

[0054] Finally, the primary user deciypts the encrypt- 
ed data CmOksl by the decrypted copyright manage- 
ment program P using the decrypted first secret-key 



MO =D(Ks1, CmOksl) 

and uses the decrypted original data MO directly or data is 
M1 as edited. 

[0055] As described above, the first private-key Kvl 
and second private-key Kv2 are crypt keys prepared by 
the primary user but not opened to others. Therefore, 
even If a third party obtains the data M, It Is impossible 20 
to use the encrypted data M by decrypting tt. 
[0056] Thereafter, to store, copy, or transmit the data 
M as the original data MO or the edited data M1 , It Is 
encrypted and decrypted by the second secret-key Ks2: 

Cmks2=E{Ks2, M) 



M ^ D(Ks2, Cmks2). 

[0057] The decrypted second secret-key Ks2 is there- 
after used as a crypt key for encrypting/decrypting data 
when storing, copying, or transmitting the data. 
[0058] The first private-key Kv1 and second private- 35 
key Ky2, the first secret-key Ks1 and second secret-key 
Ks2, the data M, the copyright management program P, 
the original copyright infomiation Ic, and also the original 
copyright Infomiation IcO and also copyright infonnation 
Id for infonnation of the primary user and edited date 40 
and time when edited the data by the primary user are 
stored in the primary usertenninal 4. 
[0059] Moreover, It is further protected by attaching 
the copyright Infonnation Id to the data as copyright In- 
fomiation label, and adding the digital signature. 45 
[0060] The encrypted data Cmks2 Is encrypted to be 
distributed. Since the copyright infomiation label pro- 
vides a clue to obtain the second secret-key Kb2 which 
is the key for decryption, the second secret key Ks2 can- 
not be obtained In the case where the copyright infer- so 
mation label is removed from the encrypted data 
Cmks2. 

[0061] When the encrypted data Cmks2 Is stored In 
the primary user terminal 4, the second secret-key K82 
Is stored In the temilnal 4. However, when the encrypted ss 
data Cmks2 Is not stored in the primary user terminal 4 
but is copied to the recording medium 11 or transmitted 
to the secondary usertenninal 5 via the communication 



network2,thesecondsecret-key Kb2 ledisusedin order 
to disable subsequent utilization of the data in the pri- 
mary usertenninal 4. 

[0062] In this case, it Is possible to set a limitation for 
repetitions of copying or transmitting of the data so that 
the second secret-key Ks2 Is not disused within limited 
repetlons of copying and transmitting of the data. 
[0063] The primary user who is going to copy the data 
M to the external recording medium 11 or transmit the 
data M via the communication network 2 must prepare 
the second secret-key K62 to encrypt the data M by this 
second secret-key Kb2 before copying or transmitting 
the data; 

Cmks2=E(Ks2,M). 

[0064] The uncrypted original copyright information 
icO and primary-user copyright information Id are add- 
ed to the encrypted data Cmks2, 
[0065] Beforie using a database, a secondary user, 
simllartothe primary user, prepares authentication data 
Au2forauthentk;atlngthesecondaryuser,athird public- 
key Kb3 and a third private-key Kv3 corresponding to 
the third pubilc-key Kb3, a fourth public-key Kb4, and a 
fourth private-key Kv4 con-esponding to the fourth pub- 
lic-key Kb4. 

[0066] The secondary user who desires secondary 
utilization of the copied or transmitted encrypted data 
Cmks2 must designate original data name or numberto 
the copyright management center 3 to request for sec- 
ondary utilization to the center 3 from the secondary us- 
er terminal 5 via the communication network 2. In this 
time, the secondary user also transfers the third public- 
key Kb3 and the fourth public-key Kb4 as well as the 
secondary user authentication data Au2, original copy- 
right Information IcO and primary user copyright Infor- 
mation Id . 

[0067] The copyright management center 3 receiving 
the secondary utilization requestf rom the secondary us- 
er confimis the secondary-user authentication data 
Au2, and transfers confirmed secondary-user authenti- 
cation data Au2 to the tertiary copyright data 9 as sec- 
ondary user information. 

[006B] When the secondary copyright Iriformation Id 
of the primary user is transfen-ed, the secondary copy- 
right infonnation Id Is Inquired to the secondary copy- 
right data 8, and then, ft recognizes the secondary cop- 
yright information id to be transfenBd to the tertiary 
copyright data 9. 

[0069] The secondary user selects pemrilt key Kp2 
con-esponding to the fonn of data usage such as view- 
ing, storing, copying, editing and transmitting of data. 
Pemnlt key Kp2 con-esponding to the selected usage is 
sent to the tertiary copyright data 9. 
[0070] Because viewing and storing of data are the 
minimum required forms of use for the secondary user, 
these fomns of use may be excluded from the choices 
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as the minimum usage, offering only copying, editing 
and transmitting as ttie choices, 
[0071 J The secondary copyright data B prepares a 
third secret-l<ey Ks3. 

[0072] The prepared third secret-key Ks3 Is trans- 
ferred to and stored In the tertiary copyright data 9. 
[0073] As the result of the above transfer, the permit 
key Kp2, primary usercopyright Infomiatlon Id , primary 
user infomiation lu1 , original copyright information IcO, 
secondary user infomiation Iu2, and third secret-key 
Ks3 are stored In the tertiary copyright data 9, The per- 
mit key Kp2, primary user copyright infomiatlon id , and 
primary user infomiation lul are used for copyright roy- 
alties distribution, 

[0074] Hereafter similarly, pemilt key Kpn corre- 
sponding to n-order usage, copyright Infomiatlon for 
secondary exploitation right lcn-1 of (n-l)-order user, 
primary user Information lul , original copyright infomia- 
tlon IcO, n-order user Information lun, and n-th secret- 
key Ksn are stored in n-order copyright data 10. 
[0075J The permit key Kp2, primary user Information 
lul, original copyright Infomiation IcO and second se- 
cret-key Ks2 are read out of the secondary copyright da- 
ta B. The original copyright Infomnation IcO is used for 
copyright royalties distribution. 
[0076] The read second secret-key Ks2 and third se- 
cret-key Ks3 are encrypted by the third public-key Kb3 
and fourth public-key Kb4 of the secondary user respec- 
tively: 

Cks2kb3 ^ E(Kb3. Ks2) 



Clcs3kb4 = E(Kb4, Ks3). 

[0077] " The copyright management program P is en- 
crypted by the third secret-key Ks3: 

CpksS = E(Ks3, P). 

[0078] The encrypted copyright management pro- 
gram Cpks3, encrypted second secret-key Cks2kb3, 
and encrypted third secret-key Cks3kb4 are transferred 
to the secondary usertennlnai e via the communication 
network 2. In this case, charging Is performed. If neces- 
sary, 

[0079] The secondary user receiving two encrypted 
secret-keys Cks2kb3 and Cks3kb4 and the encrypted 
copyright management program Cpks3 from the sec- 
ondary copyright data 6 decrypts the encrypted second 
secret-key Cks2kb3 by the third private-key Kv3, and 
decrypts the encrypted third secret-key Cks3kb4 by the 
fourth private-key Kv4 con-esponding to the fourth pub- 
lic-key Kb4, using the database utilization software: 



Ks2^D{Kv3, Cks2kb3) 



Ks3 = D(Kv4, Cks3kb4). 

POBO] The encrypted copyright management pro- 
gram Cpks3 is decrypted by the decrypted third secret- 
key Ks3: 

P D(Ks3, Cpks3). 

[0081] Then, the encrypted data Cmks2 is decrypted 
to use It by the decrypted second secret-key Ks2 using 
decrypted copyright management program P: 

li/l = D(Ks2, Cmks2)/ 

[0082] As described above, the third private-key Kv3 
and the fourth private-key Kv4 are prepared by the sec- 
ondary user but not opened to others. Therefore, even 
If a third party obtains the encrypted data Cmks2, It is 
Impossible to use the data by decrypting it, 
[0083] Each user who uses above-mentioned system 
must previously be entered in a database system, and 
when entered In the system, software for database Is 
supplied to the user. 

[0084] Because the software Includes not only normal 
communication software such as a data communication 
protocol but also a program for decrypting a copyright 
management program by a first crypt-key, it Is neces- 
sary to be protected. 

[0085] A first crypt-key K1 , a second crypt-key K2, 
and a copyright management program P are transfen-ed 
to each user In order to use data 1^, and each user keeps 
these keys and the program. 
[0086] Further, the copyright Information label, user 
Information, the public-key and private-key in the public- 
key cryptosystem and the program containing algorithm 
for generating the secret-key are kept when needed. 
[0087] For keeping them, it Is the simplest means to 
use a flexible disk. However, the flexible disk Is easy in 
disappearance or alteration of data, 
[0088] Moreover, a hard disk drive is also unstable for 
disappearance or alteration of data though it Is more sta- 
ble than the flexible disk. 

[0089] Recently, an IC card is spread in which an IC 
element Is sealed In a card-like package. Particularly, 
standardization of a PC card with a microprocessor 
sealed In It Is progressed as a PCMCIA card or JEIDA 
card. 

[0090] The data copyright management apparatus 
proposed by the Inventor of the present Invention et al. 
in the prior Japanese Patent application No. 
237673/1994 is described Irt Figure 2, 
[0091 ] The data copyright management unit 1 5 Is con- 
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figured as a computer system, comprising a microprocr 
essor (CPU) 16, a local bus 17 of CPU 16, read only, 
memory (ROM) 1 B connected to local bus 1 7, and write/ 
read memory (RAM) 19, wherein the local bus 17 being 
connected to system bus 22 of the microprocessor 21 ^ 
of the user tenninal 20. 

[0092] Moreover, a communication unit (COMM) 23 
which receives data from an external database and 
transfer data to the external database, a CD-ROM drive 
(CDRD) 24 which reads data provided by CD-ROM, a 
flexible disk drive (FDD) 25 which copies received or ed- 
ited data to a flexible disl< drive to provide outside with 
such data, and a hard disc drive (HDD) 26 which stores 
data are connected to the system bus 22 in the userter- 
minai 20, 

[0093] As a matter of course, ROM and RAM or the 
like are connected to the system bus 22 of the user ter- 
minal, however. It Is not shown in the figure. 
[0094] Fixed Infonnation, such as software and user 
data, for utilizing the database is stored In ROM IB of 20 
the data copyright management unit 15. 
[0095] A crypt-key and the copyright management 
program provided from the key control center or copy- 
right management center are stored in RAM 19. 
[0096] The process of decryption and re-encryption 25 
are performed by the data copyright management unit 
15, only of which results are transferred to the user ter- 
minal 20 via the local bus 17 and the system bus 21 of 
the user temfilnal. , 

[0097] The data copyright management unit 1 5 is im- so 
piemented as monolithic !C, hybrid IC, an expansion 
board, an tC card, or a PC card. 

Summary of the Invention 

35 

[0098] In the present application, apparatus for data 
copyright management system, resulted from further • 
implementation of the apparatus used In the user termi- 
nal proposed in the prior Japanese patent application 
No. 237673/1994, Is proposed. 
[0099] The apparatus for data copyright management 
in the present Invention Is attached to the user tenninal, 
which comprises central processing unit, central 
processing unit bus, read only semiconductor memory, 
electrically erasable programmable memory, and read/ 45 
write memory. 

[0100] Central processing unit, read only semicon- 
ductor memory, electrically erasable programmable 
memory, and read/write memory are connected to the 
central processing unit bus, and also system bus of a so 
unit which utilizes the data can be connected to It. Data 
copyright management system program, a crypt algo- 
rithm, and user infonnation are stored in the read only 
semiconductor memory, and a second private-key, per- 
mit key, second secret-key, and copyright information S5 
are stored In the electrically erasable programmable 
memory, wherein first public-key, first private-key, sec- 
ond public-key, and first secret-key being transferred to 



the read/write memory at the operation of the unit. If the 
copyright management program Is provided from the 
outside, it Is stored in the EEPROM. Otherwise, It is 
stored in ROM. 

[0101] As a tomn of the data copyright management 
apparatus, monolithic IC, hybrid IC, a thin IC card with 
special tenninal, a PC card, and a board for Insertion 
can be available, 

[01 02] In the data copyright management system de- 
scribed above as prior Invention, while the obtained en- 
crypted data is decrypted for utilization of displaying/ed- 
iting, the obtained or edited data is re-encrypted to store/ 
copy/transfer so that no unauthorized use of the data 
can be available. 

[0103] Accordingly, in the apparatus used in the data 
copyright management system of the present invention, 
re-encryption of data, as well as decryption of data 
should be performed concurrently, however, those data 
copyright management apparatus described in the prior 
applications can perfomn only one process of either data 
decryption or data re-encryption. 
[0104] Thus, in the present application, a data copy- 
right management apparatus which, at the same time, 
can decrypt and re-encrypt data encrypted and supplied 
in order to manage copyright Is proposed. 
[0105] For the purpose of that, data which was en- 
crypted and provided is decrypted and re-encrypted by 
adding at least one, microprocessor, preferably 2 micro- 
processors, in addition to the microprocessor that con- 
trols the entire user tenninal therein. When one micro- 
processor Is added, one of the 2 microprocessors, one 
Included in the user tenninal or one added, will decrypt 
data and the other will re-encrypt data. 
[01 06] When 2 microprocessors are added, one of the 
added mlcroprocessorB will decrypt data, the other mi- 
croprocessor will re-encrypt data, and the microproces- 
- sor of the user tenninal will control the entire operation. 
[0107] Although the added microprocessors may be 
connected to system bus of the microprocessor in the 
user tenninal, this configuration may not allow a multi- 
processor configuration to operate plural microproces- 
sors concurrently. 

[0108] Therefore, in the present application, a data 
copyright management apparatus as a multiprocessor 
configuration utilizing SCSI bus or PCI bus is proposed. 
[0109] Otherthan character data, digital data includes 
graphic data, computer program, digital audio data, still 
picture data of JPEG standard, and motion-picture data 
of MPEG standard. 

[0110] While the data works comprising these data 
are utilized by using various apparatus. It Is necessary 
that these apparatus should also include the data cop- 
yright management function. 
[0111] Thus, In the present application, it is proposed 
that, as a fomn of use, these data copyright management 
apparatus and the data copyright management appara- 
tus described In the prior application are Incorporated In 
various systems. 
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Brief Description of the Drawings 

[0112] Figure 1 is a blocic diagram of the data copy- 
right management system of the prior invention. 
[0113] Figure 2 is a bloclc diagram of the data copy- 
right management apparatus of the prior invention. 
[0114] Figure 3 is a block diagram of the data copy- 
right management apparatus of embodiment 1 of the 
present Invention. 

[0115] Figure 4 Is a specific block diagram of the data 
copyright management apparatus of the embodiment 1 
of the present invention, 

[0116] Figure 5 is a process flow chart of data copy- 
right management system related to the present inven- 
tion. 

[0117] Figure 6 is a block diagram of the data copy- 
right management system of the prior Invention. 
[0118] Figure 7 Is a flow chart of a general edit proc- 
ess of digital data. 

[0119] Figure 8 is a flow chart of encrypted data edit 
process of the present invention. 
[0120] Figure 9 is a block diagram of the data copy- 
right management apparatus of embodiment 2 of the 
present invention. 

[0121] Figure 10 is a block diagram of the data copy- 
right management apparatus of embodiment 3 of the 
present invention. 

[0122] Figure 11 Is a block diagram of the data copy- 
right management apparatus of embodiment s of the 
present invention. 

[0123] Figure 12 Is a block diagram of the data copy- 
right management apparatus ot embodiment 5 of the 
present invention. 

[0124] Figure 13 is a block diagram of the data copy- 
right management apparatus of embodiment 6 of the 
present Invention. 

[0"1 25] Figure 1 4 Is a block diagram of the digital cash 
system as one example of use of the present Invention. 
[0126] Figure 15 is a block diagram of the video con- 
ference system as one example of use of the present 
Invention. 

Detailed Description of the Preferred Embodiments 

[0127] The detailed embodiments of the present In- 
vention are described below with reference to the draw- 
ings. 

[01 28] The embodiment 1 of the data copyright man- 
agement apparatus related to the present invention Is 
shown in a block diagram of Figure 3. 
[0129] The data copyright management unit 30 in- 
cludes electrically erasable programmable memory 
(EEPROM) 31 in addition to the components of the data 
copyright management unit 1 5 described in the prior ap- 
plication No. 237673/1994. 

[0130] The data copyright management unit 30 Is a 
computer system having CPU 16, local bus 17 of CPU 
16, ROI^ IB connected to local bus 17, RAM 19, and 



EEPROM 31, wherein local.bus 17 being connected.to 
the system bus 22 of the microprocessor 21 In the user 
temiinal20. 

[0131] Moreover, communication unit (COMM) 23 
which receives data from extemai database and trans- 
fers data outside, CD-ROM drive (CDRD) 24 which read 
data provided by CD-ROM, a flexible disc drive (FDD) 
25 which copies data received credited in order to sup- 
ply to the outside, and hard disk drive (HDD) 26 which 
stores data are connected to the system bus 22 of the 
U6ertennlnai20. 

[0132] Further, ROM and RAM are connected to the 
system bus 22 of the user terminal, however, it is not 
shown in the figure, 

[0133] Fixed Infomriation such as a data copyright 
management program, a cryptography program based 
on crypt algorithm, and user data are stored in ROM 18. 
[0134] A crypt-key and copyright Infonnation are 
stored in EEPROM 31. Further, when data copyright 
management program and cryptography program are 
supplied from outside such as from database, they are 
stored in EEPROM 31, rather than In ROM IB, 
[0135] The data copyright management unit 30 per- 
forms the process of decryption or re-encryption, only 
the result of which are transferred to the user temninai 
20 via local bus 17 and system bus 22. 
[0136] The data copyright management unit 30 is im- 
plemented as a monolithic iC, a hybrid iC, an expansion 
board, an IC card, or a PC card. 
[0137] Fixed data such as a data copyright manage- 
ment program, a cryptography program based on crypt 
algorithm, and user data are stored In ROM IB of the 
data copyright management unit 30 in the embodiment 
1. 

[01 38] Further, a program for generating secret-keys 
based on secret-key algorithm of not secret, a decryp- 
tion program, "and a re^encryption program may be 
stored in ROM IB. 

[0139] A crypt-key and copyright information are 
. stored in EEPROM 31. Moreover, when the copyright 
management program and the encryption program are 
supplied from the outside such as database, they are 
stored in EEPROM 31, ratherthan ROM 18. Still more, 
the EEPROM Is not necessarily required and may be 
omitted. 

[01 40] Either one of the first crypt-key or the second 
crypt-key supplied from the key control center or copy- 
right management center, and data copyright manage- 
ment system program are stored In RAM 1 9, 
[0141] On the other hand, infomiation such as soft- 
ware and the user data required by MPU 46 in the user 
temninai 20 are supplied to the user temninai 20 by the 
software, and stored In RAM of the user temiinai 20, 
[0142] Besides, either one of the first crypt-key or the 
second crypt-key supplied from the key control center 
or the copyright management center, and the data cop- 
yright management system program are stored in RAM 
of the user temninai unit 20. 
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[0143] The process of decryption and- re-encrypti on 
are shared by MPU 46 of the main body of the user ter- 
minal 20 and CPU 1 6 of the data copyright management 
unit 30; one encrypts data and the other decrypts data, 
and only the processed results of the data copyright 
management unit 30 are transferred to the user temil- 
nai. 

[0144] The specific intemai structure of the data cop- 
yright management unit 30 in Figure 3 Is shown in Figure 
4. 

[0145] A microcomputer (CPU) 18, read oniy semi- 
conductor memory (ROIVj) 18, write/read memory 
(RAIVI) 19, and eiectrlcaliy erasable programmabie 
memory (EEPROM) 31 are enclosed in the data copy- 
right management unit 30, and are connected to micro- 
computer bus 17 of the microcomputer 16, the micro- 
computer bus 17 being furth er connected to system bus 
22 of the user terminal 20 main body 
[0146] The data copyright management system pro- 
gram, crypt algorithm, and the user Information are 
stored in the read only semiconductor memory IB, 
[0147] Inside of the electrically erasable programma- 
ble memory 31 is divided into three areas. 
[0148] In the first area 35, the first pubiic-lcey Kbi , the 
first private-key Kv1 , the second public-key Kb2, and the 
second private-key Kv2 are stored. 
[0149] in the second area 36, the copyright manage- 
ment program P. the first secret-key Ksl as a pemnit key 
in the primary use such as view perni it/store pemnlt/copy 
permit/edit permit/transfer permit, and the second se- 
cret key Ks2 as a pemnit key in the secondary use such 
as view pemnlt/store pemalt/copy permit/edit permit/ 
transfer pemnit are stored. 

[0150] Further, In some case where the copyright 
management program Is not supplied fomri the outside, 
but preset In the user side, the copyright management 
program Is stored In the read oniy memory 18, rather 
than In the second area 36 of the electrically erasable 
programmable memory 31 . 

[01 51 ] In the third area 37, copyright Information such 
as the original copyright Information and the secondary 
copyright information, and an access control key are 
stored. 

[01 52] As in the case of the electrically erasable pro- 
grammable memory 31 , inside of the write/read memory 
19 is divided into three areas. 
[01 53] in the first area 32, the first public-key Kbi , the 
first private-key Kv1 , and the second public-key Kb2 are 
stored during operation. 

[01 54] In tlie second area 33, the first secret-key Ks1 
as a permit key in the primary utilization such as view 
penn It/store pennit/copy pemilt/edil penmlt/transfer per- 
mit Is stored during operation. 
[0155] in the third area 34, an access control key is 
stored during operation, 

[01 56] The user temilnai attached with the data cop- 
yright management apparatus is reliable since It per- 
forms all the process for utilizing data within the data 



- -copyright management unit related to the.present Invenr. 
tion, so that only the results are transfenred to the user 
tennlnai for various utilization. 
[0157] When picture data containing large amount of 
5 infomiatlon is transmitted/received, original data is 
transmitted after being compressed in order to reduce 
the amount of data and the compressed data is expand- 
ed after reception to utilize it. In this case, data copyright 
may be managed by encryption. 
10 [0158] In Figures, an example of data copyright man- 
agement flow when encrypted data is digital picture 
compressed in JPEG standard or MPEG standard. The 
flow is divided Into transmitting side flow and receiving 
side flow with a transmit line in between, and the receiv- 
es Ing side flow is further divided into display flow and stor- 
age flow. 

[01 59] Theslgnal process in the transmitting side con- 
sists of process preparing digital picture and process 
processing the digital picture prepared. In this process, 

20 If an original picture is the digital picture 41 , it proceeds 
to next process. If an original Image Is an analog picture 
40, digitizing process 42 is perfomned. 
[0160] The digital picture Is compressed 43 first by 
given standard such as JPEG standard, or MPEG 

25 standard, then the compressed digital data is encrypted 
44 using the first secret-kfey. 

[0161] The picture data signal processed in transmit- 
ting side is transmitted through transmission line 45 
such as satellite broadcasting wave, terrestrial broad- 
30 casting wave, CATV wave, or public telephone Ilne/IS- 
. DNIine. 

[0162] Further, recording media such as a digital vid- 
eo tape, a digital video disk, or CD-ROM may be used 
as the transmission line. 

35 [01 63] Thus the ptetu re data transmitted to the receiv- 
ing side is decrypted 48 first using the first secrot key, 
then the compressed picture data Is expanded 47 to be 
displayed 49. When the display Is a digital data display 
unit, It is directly displayed, however, when it is an ana- 

40 log data display unit, it Is converted to analog data 48. 
[0164] When data is stored in hard disk, flexible disk, 
optical magnetic disk, writable video disk or the like, It 
is stored after being re-encrypted 50 using the second 
secret key. 

45 [01 65] In displaying again the picture data re-encrypt- 
ed and stored, It is re-decrypted 52 using the second 
secret key and displayed 49. If the display unit Is a digital 
data display unit. It is directly displayed, however, if it Is 
an analog data display unit. It is converted to analog data 

50 48, 

[0166] Moreover, for data compression/expansion 
means and transmission path, appropriate ones com- 
patible with the data are used. 
[0167] Figure B shows an example of the data copy- 
55 right management system disclosed in the prior Japa- 
nese Patent Application No. 237673/1 994. This system 
uses the secret-key system as a cryptosystem. 
[0168] In the case of this system, reference numeral 
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1 represents a database In which text data^ binary data- 
serving as a computer graphic display or a computer 
program, digital audio data, and digital picture data are 
stored by being encrypted, 14 represents a space sat- 
ellite such as a communications satellite or a broadcast- 5 
Ing satellite, 15 represents a data recorder such as a 
CD-ROM or a flexible dlsl<, 2 represents a communica- 
tion network such as a public telephone line offered by 
a communication enterprise or a CATV line offered by a 
cable television enterprise, 4 represents a primary user io 
terminal, and 16 represents a l<ey control center for 
managing a secret-key, and 17 represents a copyright 
management center for managing a data copyright. 
[0169] Reference numerals 5, 6, and 7 represent a 
secondary usertermlnal, atertiary usertemninal, and n- i^ 
order usertermlnal respectively, and 11 , 12, and 13 rep- 
resent a secondary disic, tertiary disk, and n-order disk 
serving as a recording medium such as a flexible disk 
or CD-ROM respectively. The symbol "n" represents an 
optional Integer. When "n" Is largerthan 4, a con-espond- so 
Ing user tenninal and a con-esponding disk are arranged 
between the tertiary user tenninal 6 and the n-order user 
terminal 7 and between the tertiary disk 12 and the n- 
order disk 13 respectively 

[0170] On the above arrangement, the database 1, 25 
key control center 1 6, copyright management center 1 7, 
primary usertermlnal 4, secondary usertermlnal 5, ter- 
tiary user terminal 6, and n-order user temninal 7 are 
connected to the communication network 2. 
[0171] In this figure, the path shown by a broken line 30 
Is a path of encrypted data, a path shown by a solid line 
Is a path of requests from each usertemninal, and a path 
shown by a one-dot chain line is a path through which 
authorization infonnatlon corresponding to a utilization 
request and a secret-key are transferred. 35 
[0172] Moreover, each user who uses this system Is 
previously entered In the database system. When the 
user is entered in the system, a database utilization soft- 
ware is given to the user. The database utilization soft- 
ware Includes not only normal communication software 40 
such as a data communication protocol but also a pro- 
gram for running a copyright management program. 
[0173] Original data MO of text data, binary data as a 
computer graphic display or computer program, digital 
audio data, or digital picture data stored in the database 45 
1 or data recording medium 16 is one-way supplied to 
the primary usertemninal 4 via the communication net- 
work 2, satellite 14 or recording medium 15. 
[0174] In this case, the data Is encrypted with a first 
secret-key Ksl: 

CmOksl =E(KsliMO>. 

[01 75] Even if data provided with advertisement to be ss 
offered free of charge, It Is necessary to be encrypted 
In order to protect the copyright. 
[01 76] It Is disclosed In the Japanese Patent Applica- 



tion No. 64BB9/1994-whlch is the prior application that, 
the data utilization Includes not only displaying of data 
which Is the most basic usage but also storing, editing, 
copying, and transmitting of the data, a use permit key 
Is prepared which corresponds to one or several forms 
of usage, and Its management Is executed by the cop- 
yright management program. 
[0177] Moreover, it Is described there that data is en- 
crypted again by the copyright management program for 
use such as storing, copying, editing and transmitting of 
the data otherthan displaying of the data and displaying 
for editing the data. 

[0178] In other words, the data whose copyright ts 
claimed is encrypted to be distributed, and only when 
the data is displayed or displayed for editing the data In 
a user terminal having a copyright treatment function, 
the data Is decrypted to a plaintext. 
[0179] This system disclosed in Japanese Patent Ap- 
plication No. 237673/1994 uses the method described 
In the prior appikiation No. 64889/1994. 
[0180] A primary userwho desires primary utilization 
of the supplied encrypted dataCmOksl requests for pri- 
mary utilization of the encrypted original data CmOksl 
by designating the original data name orthe original da- 
ta number to the key control center 16 via the commu- 
nication networic2 from the primary usertemiinai 4. In 
this case, the primary user must present information Iu1 
for primary user to the key control center 16, 
[0181] The key control center 16 receiving the primary 
utilization request from the primary user terminal 4 
transfers first secret- key Ksl for decrypting the encrypt- 
ed original data CmOksl obtained from the database 1 
by the primary user and second secret-key Ks2 for re- 
encrypting the decrypted original data MO or edited data 
Ml from the original data, together with a copyright man- 
agement program P via the comrriunication network 2 
to the primary user terminal 4. • 
[01 82] in the primary user terminal 4 receiving the first 
secret-key Ksl as a decryption key and the second se- 
cret-key Ks2 as an encryption/decryption key, the en- 
crypted original data CmOksl is decrypted by the first 
secret-key Ksl using the copyright management pro- 
gram P 

MO = D(Ks1, CmOksl) 

to use the decrypted original data MO directly or data Ml 
as edited. 

[0183] When the data M which Is the original data MO 
credited data Ml Is stored In a memory or a built-in hard 
disk drive of the primary user terml nal 4, only the primary 
user can use the data. However, when the data M is cop- 
ied to the extemal recording medium 1 1 such as a flex- 
ible disk or transmitted to the secondary user terminal 
5 via the communication networi< 2, a problem of a cop- 
yright due to secondary utilization occurs. 
[0184] When the original data MO obtained by the pri- 
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-mary user is directly copied and supplied to B secondaty... 
user, the copyright of the primary user is not effected on 
the data MO because the original data MO is not modified 
at ali. However, when the primary user produces new 
data m by editing the obtained data MO or by using 
means such as combination with other data, the copy- 
riglit of the primary user, i.e., secondary exploitation 
right occurred from secondarily utilizing original data, is 
effected on the data Ml . 

I01B5] Similarly, when a secondary user produces 
new data M2 by editing the original data MO or edited 
data Ml obtained from the primary user or by means 
such as combination of other data, the copyright of the 
secondary user; i.e., secondary exploitation right on the 
secondary user Is also effected, 
[0186] In this system, to correspond to the problem of 
the copyright, the data M is encrypted by the second 
secret-lcey Ks2 using the copyright management pro- 
gram P when the data M is stored, copied, or transmit- 
ted. Thereafter, in the primary usertemninal 4, the data 
M Is decrypted and encrypted by the second secret-l<ey 
Ks2: 

Cmic62=E(KB2,M) 



M = D(Ks2, Cml<s2). 

[01 87] it is free in principle that the primary user dis- 
plays and edits data to obtain edited data, in this case, 
however, it is possible to limit the repetitions of the op- 
eration by the copyright management program. 
[01 88] When the data M is copied to the external re- 
cording medium 11 or transmitted via the communica- 
tion network 2, the first secret-key Ks1 and the second 
' secret-key Ks2 In the primary user temninai 4 are dis- 
used by the copyright management program P. There- 
fore, when reusing the data M , the primary user requests 
for utilization of the data M to the key control center 1 6 
to again obtain the second secret-key Ks2. 
[0189] The fact that the user receives the regrant of 
the second secret-key Ks2 represents secondary utili- 
zation of data in which the data M has been copied to 
the external recording medium 11 or transmitted to the 
secondary usertemninal 5 via the communication net* 
wori< 2. Therefore, the fact is entered in the copyright 
management center 17 from the key control center 16 
and subsequent secondary utilization comes possible. 
[01 90] The data M is moved from the primary user ter- 
minal 4 to the secondary user terminal 5 by the external 
recording medium 11 or the communication networi<2. 
When the data M is copied to the extemal recording me- 
dium 11 or transmitted via the communication network 
2, it Is encrypted by the second secret-key Ks2. 
[0191] When the data M Is copied to the extemal re- 
cording medium 11 or transmitted via the communica- 
tion networic 2, the first secret-key Ksl and the second 



secret-key Ks2 in the primary user tem}inai_4 are dis- 
used, in this time, uncrypted primary user Information 
iu1 is added to the encrypted data Cmks2 stored In the 
primary user tenninai 4 and when the encrypted data 

5 Cmks2 is transmitted to the secondary user, the primary 
user tnfomiation iul is also transferred. 
pi92] A secondary user who desires secondary uti- 
lization of the encrypted data Cmks2 copied ortransmlt- 
ted from the primary user must designate original data 

10 riame or data number to the copyright management 
center 1 7 via the communication network 2 by the sec- 
ondary usertemninal 6 and also present the secondary 
user infomnatlon lu2to request for secondary utilization 
of the data Cmks2 to the center 1 7. in this time, the sec- 

15 ondary user further presents the uncrypted primary user 
information Iul added to the encrypted data Cmks2 in 
order to clarify the relationship with the primary user. 
[01 93] The copyright management center 1 7 conf imns 
that the primary user has received a regrant of the sec- 

20 ond secret-key Ks2 for secondary-utilizing the data, in 
accordance with the presented primary user Infomnatlon 
Iul and then, transfers the second secret-key Ks2 serv- 
ing as a decryption key and the third secret-key Ks3 
serving as an encryption/decryption key to the second- 
's ary user terminal 5 via the communication network 2, 
[0194] in the secondary user temninai 5 receiving the 
second secret-key Ks2 and the third secret-key Ks3, the 
encrypted data Cmks2 is decrypted using the second 
secret-key Ks2 by the copyright management program 

30 p 

M = D(Ks2, Cmte2) 

35 and is secondarily utilized such as being displayed or 
edited. 

[01 95] In this system, the key control center 16 proc- 
esses a primary utilization requests and the copyright 
management center 17 processes a secondary utiiiza- 

40 tlon requests. While the data M supplied to a primary 
user is encrypted by the first secret-key Ksl , the data M 
supplied to a secondary user Is encrypted by the second 
secret-key Ks2. Moreover, the first secret-key Ksl and 
the second secret-key Ks2 are transf en-ed to the primary 

45 user as crypt keys from the key control center 1 6. 
[0196] Therefore, if the secondary user, Instead of the 
primary user, falsely requests for primary utilization to 
the key control center 16, the first secret-key Ksl for 
decryption and the second secret-key Ks2 for encryp- 

50 tlon/decryption are transferred to the secondary user. 
However, the secondary user cannot decrypt the en- 
crypted data Cmks2 by using the first secret-key Ksl 
transferred as a decryption key. 
[0197] TTierefore, it Is impossible to falsely request for 

SB data utilization and resuttingly, not only the original cop- 
yright of data but also the copyright of the primary user 
on the data are protected. 

[0198] When storing, copying, or transmitting of the 
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" "data M T)ther than displaying and displaying for editing 

Is performed In the secondary user terminal 5, the data 
M is encrypted using the third secret-key Ks3 by the cop- 
yright management program P and thereafter, the data 
Is decrypted and encrypted by the third secret- l<ey KsS; s 

CmksS = E(Ks3, M) 

M ^ D(Ks3, Cmks3). 

[0199] Moreover, It is free In principle that the second- 
ary user displays and edits data to obtain the edited data 
M2. In this case, It is possible to limit the repetitions of is 
the operation by the copyright management program P, 
[0200] When the data M Is copied to the external re- 
cording medium 12 or transmitted via the communica- 
tion network 2, the second secret-key Ks2 and the third 
secret-key Ks3 In the secondary user terminal 6 are dis- 20 
used by the copyright management program P. There- 
fore, when reusing the data M, the secondary user re- 
quests for the utilization of the data to the copyright man- 
agement center 1 7 to again obtain the third secret-key 
Ke3. -25 
[0201 ] The fact that the secondary user receives a re- 
grant of the third secret-key KsS represents secondary 
utilization of data In which the data M has been copied 
to the external recording medium 12 or transmitted to 
the tertiary user tenninal 6 via the communication net- 30 
work 2. Therefore, the fact Is entered In the copyright 
management center 17 and allows subsequent data 
use. 

[0202] The data M Is moved from the secondary user 
terminal 5 to the tertiary user temiinal 6 by the external 35 
recording medium 12 or by the communication network 
2. When the date M Is copied to the extemai recording 
medium 12 or transmitted via the communication net- 
work 2, It is encrypted by the third secret-key Ks3. 
[0203] When the data M Is copied to the extemai re- 4o 
cordlngmedlum 12 or transmitted to the tertiary user ter- 
minal 6 via the communication network 2, the second 
secret-key Ks2 and the third secret-key Ks3 in the sec- 
ondary user tenninal 5 are disused. In this case, the un- 
crypted secondary user Infomriation lu2 Is added to the 45 
encrypted data CmksS stored In the secondary user ter- 
minal 6, and when the encrypted data Cmks3 is trans- 
mitted to a tertiary user, the secondary user Infonnation 
iu2 Is also transferred. 

[0204] In adding each user infomnation to data, there so 
are two cases: a case In which every Information is add- 
ed to data whenever It Is copied or transmitted; and an- 
other in which the history updated whenever the data Is 
copied or transmitted Is stored In the copyright manage- 
ment center. ss 
[0205] A tertiary user who desires tertiary utilization 
of the encrypted data Cmks3 copied or transmitted from 
the secondary user must designate original data name 



- or number to the copyright management center-17-from 
a tertiary user terminal 6 via the communication network 
2 and also presents the tertiary user Information Iu3 to 
request for tertiary utilization of the data, In this time, the 
tertiary user further presents the uncrypted secondary 
user Inforniation Iu2 added to the encrypted data CmksS 
In order to clarify the relationship with the secondary us- 
er. 

[0208] The copyright management center 1 7 confirms 
that the secondary user has received a regrant of the 
third secret-key Ks3 for preparation of tertiary-utilizing 
the data, In accordance with the presented secondary 
user Infomnation lu2 and then, transfers the third secret- 
key Ks3 ser^^lng as a decryption key and fourth secret- 
keyKs4 serving as an encryption/decryption key to the 
tertiary user temnlnal 6 via the communication network 
2. 

[0207] In the tertiary usertennlnal 6 receiving the third 
secret-key Ks3 and the fourth secret-key Kb4, the en- 
crypted data CmksS Is decrypted using the third secret- 
key Ks3 by the copyright management program P 

M = D(Ks3, Cmks3) 

and Is tertiarlly utilized such as being displayed or edit- 
ed. 

[0208] In this system, the data M supplied to the pri- 
mary user is encrypted by the first secret-key Ksl and 
the date M supplied to the secondary user Is encrypted 
by the second secret-key Ks2, and the data M supplied 
to the tertiary user is encrypted by the third secret-key 
Ks3. 

[0209] Therefore, If the tertiary user, Instead of the pri- 
mary user, falsely requests for primary utilization to the 
key control center 16, the first secret-key Ksl for de- 
cryption and the second secret-key Ks2 for encryption/ 
decryption are transferred to the tertiary user. However, 
it Is impossible to decrypt the encrypted data CmksS by 
the first secret-key Ksl transfenred as a decryption key. 
Moreover, If the tertiary user, instead of the secondary 
user, falsely requests for secondary utilization to the 
copyright management center 17, the second secret- 
key Ks2 and the third secret-key Ks3 are transferred to 
the tertiary user as a decryption key and an encryption/ 
decryption key respectively. However, It Is impossible to 
decrypt the encrypted data CmKs3 by the second se- 
cret-key Ks2 transferred as a decryption key. 
[0210] Therefore, it Is impossibleto falsely request for 
data utilization. As a result, not only the original copy- 
right of the date but also the copyrights of the primary 
and secondary users on the data are protected. 
[0211] The same procedure Is applied to quaternary 
and subsequent utilization. 

[0212] In the above described system, the database 
1 , key control center 1 6, and copyright management 
center 1 7 are separately arranged. However, It is not al- 
ways necessary to arrange them separately. It is also 
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" possible to set all of or proper two of them Integrally. 

[0213] Moreover, It is also possible to request for a 
regrant of the secondary secret-key from the primary us- 
er not to the key control center 16 but to the copyright 
management center 17. ^ 
[0214] In Figures 7(a) and 7(b), signal process flow In 
data edit method of digital video or digital audio is 
shown, An edit flow generally processed Is shown In 7 
(a) and an edit flow 7(b) which can avoid deterioration 
of signals, 

[021 5] in the edit flow shown in 7(a), signals supplied 
as digital signals 61 are converted to analog signals 62, 
the analog signals are then edited while being displayed 
64, and the analog signals completed editing are re-dig- 
itized 65 to be stored, copied, and transferred 66, is 
[0216] Though this process may be simple, It can not 
avoid deterioration of signals since signal is edited In 
analog and re-digltlzed after completion of editing, 
[0217] The edit flow shown in 7(b), digital signals 61 
are converted to analog signals 62 to be displayed, so 
While the analog signals 62 are used In editing 63, the 
analog signals are used only for displaying 64 rather 
than for storing, copying, transferring. 
[0218] Signals for storage, copy, and transfer.are ed- 
ited 67, copied, and transferred 66 in the fonri of digital 25 
signals 61 correspond to signals displayed in analog. 
[0219] In the case of this edit flow, there Is no deteri- 
oration of signals since digital signals which are stored, 
copied, and transfen'ed are never converted to analog 
signals, 

[0220] Figures 8(a) and 8(b) illustrate flow examples 
when editing encrypted data to whteh signal process In 
data editing method of digital video or digital audio 
shown In Figure is applied, 8(a) shows a simplified sig- 
nal processing flow and 8(b) shows a signal processing 35 
flow which allows sufficient copyright management. 
[0221] in the signal processing flow shown in (a), the 
original data 71 CmOksl , encrypted using the first se- 
cret-key Ksl and supplied Is initially decrypted 72 using 
the first secret key Ks1 : 40 

MD=D (Ksl, CmOksl), 

and the decrypted data MO Is then edited 73 while being 
displayed 74. The data Ml completed editing Is re-en- 
crypted 75 using the second secret key Ks2: 

Cm1ks2=E(Ks2,M1) ^o 

and stored, copied, and transfen-ed 76. 

[0222] Though the process may be simple, copyright 

can not be properly managed since there Is possibility 

that the decrypted data might be stored, copied, or w 

transfen-ed due to the data editing process In decrypted 

fonn. 

[0223] On the other hand, In the signal processing 



flow shown in 8(b)rthe-orlglnal data 7-VGmOks1, en- 
crypted using the first secret key Ks1 is decrypted 72 
using the first secret-key Ksl ; 

MO=D (Ksl, CmOksl) 

the decrypted data MO is displayed 74, 
[0224] While, the encrypted data CmOksl is edited 
73, lead by the decrypted data MO, and the original data 
MO for storage or the edited data Ml are re-encrypted 
using the second secret-key; 

Cm0ks2-E (Ks2, MO) 



Cm1ks2=E(Ks2,M1) 

the encrypted data Cm0ks2 or Cm1ks2 Is stored, cop- 
ied, and transfered 76. 

[0225] Without being decrypted corresponding to the 
decrypted and displayed data, It Is edited 77 in the en- 
crypted fomri, and the edition program and the data still 
encrypted are used for store, copy, transfer 76. 
[0226] In the case of this signal processing flow, the 
decrypted data are never stored, copied, or transfen-ed 
since the data for storage, copy, transfer remains en- 
crypted. 

[0227] In the data copyright management system 
. which applies the data copyright management appara- 
tus of the present Invention, while data is decrypted for 
utilization when the obtained encrypted data are dis- 
played/edited, data copyright is managed by encrypting 
data when obtained or edited data is stored/copied/ 
transferred. 

[0228] However, the data copyright management unit 
1 5 of the prior Invention shown In Figure 2 and the data 
copyright management unit 30 of the present invention 
described in Figure 3 can perform only one process of 
decryption of encrypted data or encryption of decrypted 
data. When decrypted or edited data is stored/copied/ 
transferred, therefore, it is necessary to store data in the 
usertemilnBl or RAM of the data copyright management 
apparatus to re-encrypt the stored data afterwards. 
Thus, there is a possibility that decrypted or edited data 
might be lost due to accident or misoperatlon as well as 
posing limitation in volume to the data that can be proc- 
essed. 

[0229] With the exception of some high-class MPU, 
general MRU used Jn personal computers does not take 
into account the multiprocessor configuration which al- 
lows concurrent operation of plural microcomputers. 
Therefore, plural operations can not be perfonned atthe 
same time, although accessory units are connected to 
the system bus of the personal computer. 
[0230] Accordingly, to connect the data copyright 
management unit 16 shown In Figure 2 or the data cop- 
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yright management unit 30 shownin Flgure 3 to the sys 

tern bus 22 of the user terminal 20 never provides mul- 
tiprocessor function that enables concurrent operation 
of MPU 21 or 46 and CPU 16, and the processes of de- 
cryption of encrypted data and re-encryption of decrypt- s 
ed data are performed alternately, not concurrently. 
Thus, a large amount of data can not be processed since 
the data to be encrypted and decrypted Is limited by the 
capacity of RAM, Further, ills Impossible to increase the 
processing speed, even If the amount of data is not io 
large. 

[0231] On the other hand, in the data copyright man- 
agement system described as the prior application, en- 
crypted data obtained is decrypted to use for displaying 
or editing, and when the obtained or edited data is is 
stored, copied, or transferred, it is re-encrypted In order 
to prevent unauthorized utilization of the data. There- 
fore, It ts desirable that the apparatus in the data copy- 
right management system of the present invention per- 
fomns not only decryption but also re-encryption of data so 
at the same time. 

[0232] Recently, a PCI (Peripheral Component Inter- 
connect) bus has attracted attention as means for Inv 
plementing a muitiprocessorconfiguration of typical per- 
sonal computer. 

[0233] The PCI bus is a bus for extemai connection 
connected to a system bus of personal computer via a 
PCI bridge, and allows to implement a multiprocessor 
configuration. 

[0234] Figure9 shows embodiment2 of this invention, so 
which is a configuration of data copyright management 
apparatus using a PCI bus and the same configuration 
of data copyright management unit 1 5 as shown in Fig- 
ure 3, that is, a computer configuration having a CPU 
16, a local bus 17 for the CPU 16, and ROM IB, RAM 35 
19, and EEPROM 31 connected to the local bus 17. 
[0235] In a userterminal 20, a PCI bus 81 is connect- 
ed to a system bus 22 for a microprocessor 21 via a PCI 
bridge 82 and the local bus 1 7 for the CPU 1 6 of a data 
copyright management apparatus 80 is connected to 40 
the PCI bus 81 . Also connected to the system bus 22 of 
the user terminal 20 are a communications device 
(COMM) 23 which receives data from external databas- 
es and transfers data to the external of the terminal, a 
CD-ROM drive (CDRD) 24 which reads data supplied 4s 
on CD-ROM, a flexible disk drive (FDD) 25 which copies 
received or edited data to supply to the external of ter- 
minal, and hard disk drive (HDD) 26 used for storing da- 
ta. COMM 23, CDRD 24, FDD 25, and HDD 26 may also 
be connected to the PCI bus 81 . so 
[0236] While ROM, RAM etc., of course, are connect- 
ed to the system bus 22 of the user tenninal, these are 
not shown In Figure 9. 

[0237] Configurations and operations of other parts 
are the same as embodiment 1 shown In Figure 3, and ^5 
further explanation of them will be omitted. 
[0238] A decryption task Is performed by the MPU 21 
of the user temntnal 20 and an encryption task is per- 



formed-by-the GPU -16-of -the data copyright manage- 
ment apparatus 80 at the same time, and vice versa. 
Since the configuration of the MPU .21 and CPU 1 6 in 
this embodiment Is a multlprosessor configuration which 
perfonns parallel processing with a PCI bus, high 
processing speed can be achieved. 
[0239] Other typical means for attaching extemal de- 
vices to a personal computer Include SCSI (Small Com- 
puter System Interface), which Is used for the connec- 
tion of external storage medium such as hard disk drives 
and CD-ROM drives. 

[0240] Up to eight devices, Including the personal 
computer Itself to which SCSI is attached, can be con- 
nected to SCSI, and a plurality of computers may be In- 
cluded In the eight devices. Each of these computers 
can play an equivalent role. In other words, SCSI func- 
tion as not only an interface but also a nriultlprocessor 
bus. 

[0241] Taking advantage of this function of SCSI, em- 
bodiment 3 connects a data copyright management ap- 
paratus 85 to the system bus 22 of a user terminal 20 
via SCSI 86 (hereinafter called the "SCSI bus", for clear 
understanding) instead of the PCI bus 81 In embodiment 
2. 

[0242] Figure 1 0 shows a configuration block diagram 
of a data copyright management apparatus of embodi- 
ment 3 which uses and SCSI bus according to the 
present invention. 

[0243] In embodiment 3, the configuration of the data 
copyright nianagement apparatus 85 is the same as the 
data copyright management apparatus shown in Figure 
3, that Is, the apparatus has a CPU 16, a local bus 17 
for the CPU 16, and ROM 18, RAM 19, and EEPROM 
31 connected to the local bus 17. 
[0244] On the other hand, an SCSI bus 86, whteh is 
controlled by an SCSI controller (SCSICONT) 87, is 
connected to a system bus 22 for a microprocessor 21 
of a userterminal 20. and the local bus 17 for the CPU 
1 6 of a data copyright management apparatus 85 is con- 
nected to this SCSI bus 86. 

[0245] Also connected to the system bus 22 of the us- 
er terminal 20 are a communications device (COMM) 23 
which receives data from extemal databases and trans- 
fers data to the external of the terminal, a CD-ROM drive 
(CDRD) 24 which reads data supplied on CD-ROM, a 
flexible disk drive (FDD) 25 which copies received cred- 
ited data to supply to the external of tenninat, and hard 
disk drive (HDD) 26 used for storing data. COMM 23. 
CDRD 24, n3D 25, and HDD 26 may also be connected 
to the SCSI bus 86. 

[0246] While ROM, RAM etc., of course, are connect- 
ed to the system bus 22 of the user temrilnal, these are 
not shown in Figure 10. 

[0247] Configurations and operations of other parts 
are the same as embodimnt 1 shown In Figure 3, and 
further explanation of them will be omitted. 
[0248] A decryption task is perfomned by the MPU 21 
of the user tenninal 20 and a encryption task is per- 
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' toimed by the CPUi6 of the data -copyright manage- 

ment apparatus 85 at the same time, and vice versa, 
Since the configuration of the MPU 21 and CPU 16 in 
this embodiment is amuftiprosessorconfiguratlon which 
perfomis parailel processing with an SIS) bus BS, high 5 
processing speed can be achieved. 
[0249] Other means for implementing a multiproces- 
sor configuration, such as SCI (Scalable Coherent in- 
terface), may be used, and, If possible, the microproc- 
essors may be connected with each other without using io 
a bus. 

10250] Data to be managed by the data copyright 
management apparatus of the present Invention in- 
cludes, in addition to text data, graphic data, computer 
programs, digital audio data, JPEG-based still picture is 
data, and MPEG-based moving picture. 
[0251 ] The above-mentioned multiprocessor configu- 
ration of the data copyright management apparatus 80 
of embodiment 2 and the data copyright management 
apparatus 85 of embodiment 3 is implemented by con- so 
necting the apparatus to the system bus 22 of the mi- 
croprocessor 21 In the user terminal 20 via a PCI bus 
or a SCSI bus. in such multiprocessor configuration, the 
UPU 21 of the user temiinal 20 must also control the 
overall system. For relatively slow and small data such 
as text data and graphic data, data copyright manage- 
ment with encryption and re-encryption can be per- 
fomned by the multiprocessor configuration using the 
MPU 21 andCPU 16,forJPEG-stliI-plcture-based mov- 
ing picture data and MPEG1 or MPEG2-based moving 
picture data, however, data copyright management by 
such configuration Is considerably difficult to perfonn 
because the data is fast and large. 
[0252J To deal with this problem, a multiprocessor 
system is configured by connection a first data copyright 35 
management apparatus 80 and a second data copyright 
management apparatus 90 to a PCI bus 81 In embodi- 
ment 4 shown In Figure 11 . 

[0253] The configuration of the second data copyright 
management apparatus 90 Is the same as that of the 40 
first data copyright management apparatus 80, that is, 
the apparatus comprises a CPU 91 , a local bus 94 for 
the CPU 91, and ROM 92. RAM 93. and EEPROM 95 
connected to the local bus 94. 

[0254] In this embodiment, the first data copyright 45 
management apparatus 80 decrypts encrypted data 
and the second data copyright management apparatus 
90 re-encrypts decrypted data. 
. [0255] Fixed infomiatlon, such as software for utilizing 
databases and user data, are stored in the ROM 18 of bo 
the first data copyright management apparatus BO de- 
crypting encrypted data. A first crypt-key and data cop- 
yright management system program supplied by a key 
control center or copyright management center are 
stored in the RAM 19. w 
[0256] Similariy, fixed Infonnation, such as software 
for utilizing databases and user data, are stored in the 
ROM 92 of the second data copyright management ap- 



paratus -90 re-encrypting decrypted datBi and a second - 
crypt-key and data copyright management system pro- 
gram supplied by a key control center or copyright man- 
agement center are stored In the RAM 93, 
[0257] in this multiprocessor configuration, SCSI or 
SCI may be used, and, If possible, the microprocessors 
may be connected with each other without using a bus. 
[0256] In the prior application shown In Figure 2 and 
In embodiment 1 of the present Invention described with 
reference to Figure 3, the communications device 
(COMM) 23 to which encrypted data is supplied and the 
CD-ROi^ drive (CDRD) 24 are connected to the system 
bus of the userterminal20. in order to decrypt encrypted 
data, therefore, the encrypted data must be transmitted 
by way of the system bus of the user tormina! 20 and 
the local bus of the data copyright management appa- 
ratus, and consequently, the processing speed can be 
slowed, This is true for a configuration in which those 
attached devices are connected to a PCI bus or SCSI 
bus, 

[0259] in embodiment 5 shown in Figure 12, a com- 
munications device 23 to which encrypted data is sup- 
plied and a CD-ROM drive 24 are connected to a local 
bus 17 of a data copyright management apparatus 97 
for decryption. In order to prevent processing speed 
from being slowed, 

[0260] The data copyright management apparatus 97 
of embodiment 5 shown in Figure 1 2 is a data copyright 
management apparatus for decryption and Its configu- 
ration is essentially the same as that of the data copy- 
right management apparatus 30 of embodiment 1 
shown in Figure 3, that Is, the computer system has a 
CPU 16, a local bus 17 for CPU 16, and ROM 18, RAM 
19 and EEPROM 31 connected to the local bus 17, and 
a communication device COMM 23 and a CD-ROM 
drive CDRD 24 are connected to the local bus 17. 
[0261] Fixed infomiation, such as a copyright man- ' 
agement program, cryptography program based on 
crypt algorithm, and user data, are stored in the ROM 
18. 

[0262] Copyright information is stored in the EEP- 
ROM 31 . if the copyright management program and 
cryptography program are supplied from the external 
such as databases, those programs are stored in the 
EEPROM 31 , rather than in the ROM 1 8. 
[0263] A crypt-key for decryption and a data copyright 
management system program supplied from a key con- 
trol center or copyright management center are stored 
In the RAM 19, 

[0264] Encrypted data supplied from the COMM 23 or 
CDRD 24 is decrypted by the data copyright manage- 
ment apparatus 97.and transferred to a usertemiinai 95. 
[0265] While the above-mentioned data copyright 
management apparatus 80 and 90 of embodiment 4 are 
described as being configured separately, these appa- 
ratus, of course, can be configured as a unit. 
[0266] Figure 13 shows a data copyright manage- 
ment apparatus of embodiment 6 which Is extended 
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from the" data copyright-management apparatus -97-of- 
embodlment 5. 

[0267] In the prior application shown in Figure 2 and 
tlie embodiment 1 described with reference to Figure 3, 
the storage medium, such as iHDD 26, for storing re- 
encrypted data are connected to the system bus 22 of 
the ueertermlnai 20, In orderto store re-encrypted data, 
therefore, the encrypted data must be transmitted by 
way of the system bus 22 of the user temninal 20 and 
the locai bus 17 of the data copyright management unit 
15 or data copyright management unit 30, and conse- 
quently, processing speed can be slowed, This is true 
for a configuration in which those attached devices are 
connected to a PCI bus or SCSI bus. 
[0268] In the data copyright management apparatus 
100 of the embodiment eshown in Figure 13, In addition 
to the communications device COMM 23 and the 
CD-ROM drive CDRD 24 connected to the local bus 17 
In the data copyright management apparatus 97 for de- 
cryption in the embodiment 5 shown in Figure 12, stor- 
age devices such as HDD 26 for storing re-encrypted 
data are connected to the local bus 94 of the data cop- 
yright management apparatus 101 for re-encryption, 
[0269] The configuration of the data copyright man- 
agement apparatus 101 for re-enciyptlon In embodi- 
ment 6 is essentially the same as that of the data cop- 
yright management unit 30 shown In Figure 3, that Is. 
the computer system has a CPU 91 . a local bus 94 for 
the CPU 91, and HOU 92. RAM 93 and EEPROM 95 
connected to the local bus 94. and HDD 26 is connected 
to the local bus 94. 

[0270] Fixed information, such as a copyright man- 
agement program, cryptography program based on 
crypt algorithm, and user data, are stored In the ROM 
92. 

[0271] Copyright infomnation is stored in the EEP- 
ROM 95. if the copyright management program and 
cryptography program are supplied from the external 
such as databases, those programs are stored in the 
EEPROM 95 rather than the ROM 92. 
[0272] A crypt-l<ey for re-encryption and a data copy- 
right management system program supplied from a icey 
control center or copyright management center are 
stored in the RAM 93. 

[0273] Data re-encrypted by the copyright manage- 
ment apparatus 101 for re-encryption is stored in HDD 
26. 

[0274] While the above-mentioned data copyright 
management apparatus 100 and 101 of embodiment 6 
are described as being configured separately, these ap- 
paratus, of course, can be configured as a unit 
[0275] Digital data includes. In addition to text data, 
graphic data, computer programs, digital sound data, 
JPEG-based still picture data, and MPEG-based mov- 
ing picture data. 

[0276] A typical user temninal which utilizes copyright- 
ed data Is computer apparatus such as personal com- 
puters. Other apparatus which utilize such data are re- 



celvers such as television setSj set-top (Doxes used with 

those receivers, digital recording apparatus such as vid- 
eo tape recorders, digital video disl< recorders, and dig- 
ital audio tapes (DAT) which store digital data, and per- 
5 sonal digital assistants (PDA). 

[0277] The data copyright management apparatus 
shown In Figure 2 which Is configured as an expansion 
board, IC card, or PC card and described in the prior 
patent application No. 237673/1 994 or the data copy^ 
10 right management apparatus shown in Figure '6 may be 
used by attaching it to a user terminal which is a com- 
puter, receiver, set-top box, digital recording medium, or 
PDA, However, It is desirable that a data copyright manr 
agement apparatus is factory-installed in the user ter- 
15 mina! in order to eliminate labor and failure during the 
attachment of the apparatus. 
[0278] To accomplish this, in each embodiment of the 
present invention, a data copyright management appa- 
ratus is Implemented in the fomi of a monolithic iC, hy- 
20 brid IC, or bullt-ln subboard and is Incorporated in a user 
terminal such as computer apparatus such as personal 
computers, receivers such as television sets, set-top 
boxes used with those receivers, digital recording me- 
dium such as digital video tape recorders, digital video 
ZB dislc recorders, and digital audio tape (DAT) which store 
digital signals, or personal digital assistants (PDA). 
[0279] Further, the apparatus for managing data cop- 
yright described above can be applied not only to the 
data utilization but also to the handling of the digital cash 
30 and video conference systems, 

[02S0] The digital cash system which has been pro- 
posed so far is based on a secret-key cryptosystem , The 
encrypted digital cash data Is transferred from a bank 
account or a cash service of a credit company, and Is 
35 stored in the I C card so that a terminal device for input/ 
output is used to malce a payment. The digital cash sys- 
tem which uses this I C card as an electronic cash-box 
can be used at any place such as shops or the like as 
long as the input/ output temnlnai is installed, However, 
40 the system cannot be used at places such as homes or 
the like where no Input/output terminal is installed. 
[0281 ] Since the digital cash is an encrypted data, any 
device can be used as the electronic cash-box which 
stores digital cash data, in addition to the IC card, as 
45 iong as the device can store encrypted data and transmit 
the data to the party to which the payment Is made. As 
a temninal which can be specifically used as the elec- 
tronic cash-box, there are personal computers, intelli- 
gent television sets, portable telephone sets such as 
50 personal infomnation temninal, personal handyphone 
system (PHS), intelligent telephone sets, and PC cards 
or the like which has an input/ output function. 
[0282] Trades in which such temnlnals are used as an 
electronic cash-box for a digital cash can be actualized 
55 by replacing in the constitution of the data copyright 
management system, the database with a customer's 
banl<, a first user terminal with a customer, the second • 
userterminal with a retailer, the copyright control center 
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With B retailer's bank and-a third-user-teiTninal-with-a 

wholesaler or a maker. 

[02B3] An example of the trading system will be ex- 
plained In which the digital cash Is transferred via a com- 
munication network by using Figure 14. ^ 
[0284] The example uses the constitution of the data 
copyright management system shown In Figure 1 . in 
Figure 14, reference numeral 111 represents a custom- 
er, 112 a bank of the customer 111, 113 a retail shop, 
114 a bank of the retail shop 113, 116 a maker, 116 a io 
bank of the maker 115,2a communication network such 
as a public line provided by a communication enterprise 
or CATV line provided by a cable television enterprise, 
Customer 11 1 , the customer's bank 112, the retail shop 
1 1 3, the retail shop's bank 1 1 4, the maker 11 5, the mak- 
er's bank 1 1 6 can be mutually connected with the com- 
munication network 2. In this system, the customer 111 
can use a credit company offering cashing service other 
than banks and he can also interpose • appropriate 
number of wholesalers between the retail shop and the 20 
maker. 

[0285] In addition, 117 and 118 are either IC cards or 
PC cards in which digital cash data is stored. The cards 
are used when the communication network is not used. 
[0286] Incidentally, in Figure 14, what Is represented 25 
by a broken line Is a path of encrypted digital cash data, 
what is represented by the soiid line is a path of requests 
from the customer, the retail shop or the maker, and 
what is represented by a one-dot chain line Is a path of 
the secret-key from each bank. 
[0287] In this example, first secret-key prepared by 
the customer's bank 112, the second secret-key gener- 
ated by the customer, the third secret-key generated by 
the retail shop, and the fourth secret-key prepared by 
the maker are used as crypt keys. ^5 
[0288] Further, while ttie customer's bank 1 1 2, the re- 
tail shop's bank 114, and the maker's bank 11 6 are ex- 
plained as separate entities, these can be considered 
as a financial system as a whole. ^ 
[0289] Digital cash management program P for en- 40 
crypting and decrypting the digital cash data is prelimi- 
narily distributed to the customer 111 and is stored In 
the user terminal. Further, it Is possible to transfer the 
digital cash management program P together with data 
every time trade with the bank Is executed. Further, it Is 45 
desirable to install the common digital cash manage- 
ment program P In all banks. 
[0290] The customer 111 uses the user terminal to 
designate the amount of money via the communication 
network 2 to request drawing out from the account of so 
the customer's bank 112 to the bank. At this time, the 
terminal presents customer information Ic of the cus- 
tomer 111. 

[0291] The customer's bank 112 which receives the 
customer's request of drawing out from the account se- ^5 
iects or generates the first secret-key Ksl so that the 
digital cash data MO of the amount Is encrypted by the 
first secret-key Ks1 : 



" ' " ' " " CmOks1-E(l<s1,M6j" 

and the encrypted digital cash dataCmOksi and the first 
secret-key I<b1 for a decrypting key are transferred to 
the customer 111 , and the customer information Ic and 
the first secret-key Ks1 are stored. 
[0292] In this case, the first secret-key Ksl can be se- 
lected from what Is preliminarily prepared by the cus- 
tomer's bank 112, and also may be generated by pres- 
entation of the customer Information ic at the time of 
drawing by the customer using the digital cash manage- 
ment program P on the basis of the customer infonna- 
tion Ic; 

Ksl-P(ic). 

[0293J Through this means; the first secret-key Ksl 
can be private for the customer 11 1 . At the same time, 
it is not necessary to transfer the first secret-key Ks1 to 
the customer 111 so that the safety of the system can 
be heightened, 

[0294] Further, the first secret-key Ksl can be gener- 
ated on the basis of the bank Inf omnation lbs of the cus- 
tomer's bank 112 or on the basis of the bank infonnatlon 
lbs and the date of key generation. 
[0295] The customer 111 to which the encrypted dig- 
ital cash data CmOksl and the first secret-key Ksl are 
transferred generates second secret-key Ks2 according 
to any one or both of the customer infomnatlon Ic and 
the finst secret-key Ksl using the digital cash manage- 
ment program P, for example: 

Ks2=P(lc) 

and the generated second secret-key Ks2 Is stored in 
the user tenninal, 

[0296] Further the customer 1 1 1 uses the first secret- 
key Ksl to decrypt the encrypted digital cash data 
CmOksl with the digital cash management program P: 

M0=D(Ks1, CmOksl) 

and the content Is conf Inned. When the decrypted digital 
cash data 1^0 whose content Is confinned Is stored in 
the user tenninal as a cash-box. It Is encrypted by the 
generated second secret-key Ks2 using the digital cash 
management program P: 

CmOKs2=E(Ks2, MO). 

[0297] The first secret-key Ksl is disused at this time. 
[0298] The customer 1 1 1 who wishes to buy an article 
from the retail shop 113 decrypts the encrypted digital 
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iaahTiata-CmOks2 whichisstoredinihe- user terminal- 
as a cash-box by the digital cash management program 
P using the second secret-key Ks2: 

M0=D(Ks2, Cm0ks2) 

and the digitai cash data Ml which con-esponds to the 
necessary amount of money is encrypted by the second 
secret-l<ey ics2 using the digltai cash management pro- 
gram P: 

Cm1ks2=E(Ks2, M1) 

and then, the payment is made by transmitting the en- 
crypted digital cash data Cm1ks2 to the user terminal 
as a cash-box of retail shop 113 via the communication 
network 2, 

[0299] . At this time, the customer information Ic is also 
transmitted to the user temiinal of the retail shop 113. 
[0300] Further, the residuai amount digitai cash data 
M2 Is encrypted by the second secret-key Ks2 using the 
digitai cash management program P: 

Cm2ks2=E(Ks2, M2) 

and stored in the user termlnai of the customer 111 . 
[0301] The retali shop 113 to which the encrypted dig- 
ital cash data Cml ks2 and the customer Infonnation Ic 
are transferred stores the transfered encrypted digital 
cash data Cm1 ks2 and customer information Ic in the 
user temiinal, and presents the customer information ic 
to the retail shop's bank 11 4 via the communication net- 
work 2 for confirming the content to request the trans- 
mission of the second secret-key Ks2 for decrlptlon. 
[0302] The retail shop's bank 1 1 4 which is requested 
by the retail shop 1 1 3 to transmit the second secret-key 
Ks2 transmits the request of the transmission of the sec- 
ond secret-key Ks2 and the customer Infonnation Ic to 
the customer's bank 112. 

[0303] The customer's bank 112 which is requested 
to transmit the second secret-key Ks2 from the retail 
shop's bank 114 generates the second secret-key Ks2 
according to the customer information ic by the digital 
cash management program P in the case where the sec- 
ond secret-key Ks2 is based only on the customer infor- 
mation Ic, or generates the second secret-key Ks2 ac- 
cording to the customer infonnation Ic and the first se- 
cret-key Ksl by the digital cash management program 
P In the case where the second secret-key Ks2 Is based 
on the customer infonnation ic and the first secret-key 
Ksl , and transmits the generated second secret-key 
Ks2 to the retail shop's bank 114. 
[0304] The retali shop's bank 1 1 4 to which the second 
secret-key Ks2 is transmitted from the customer's bank 
112 transmits the second secret-key Ks2 to the retail 



shop 113 via the communication network-2i — 

[0305] The retail shop 113 to which the second secret- 
key Ks2 is transferred decrypts the encrypted digital 
cash data Cml ks2 by the second secret-key Ks2 using 
5 the digitai cash management program P: 

iVI1=D(Ks2, Cm1ks2) 

10 and after confirming the amount of money, forwards the 
article to the customer 111. * 
[0306] incidentally, In this case, the retail shop 111 
can directly requests the transfer of the second secret- 
key Ks2 to the customer's bank 1 1 2 Instead of the retali 
15 shop's bank 114. 

[0307] in case where the digital cash received by the 
retail shop 113 is deposited in the account of the retali 
shop's bank 114, the customer infonnation Ic is trans- 
ferred to the retali shop's bank 114 together with the en- 
20 crypted digitai cash data Cm1ks2 via the communica- 
tion network 2. 

[0308] The retail shop's bank 114 to which the en- 
crypted digital cash data Cm1ks2 and the customer in- 
fonnation Ic are transfen-ed requests the transfer of the 
25 second secret-key Ks2 to the customer's bank 112 by 
transmitting the customer infonnation Ic. 
[0309] The customer's bank 112, which is requested 
to transfer the second secret-key Ks2 from the retail 
shop's bank 114, generates the second secret-key Ks2 
30 according to the customer's infonnation ic by the digital 
cash management pnsgram P when the second secret- 
key Ks2 is only based on the customer's information Ic, 
or generates the second secret-key Ks2 according to 
the customer's infonnation Ic and the first secret-key 
35 Ksl by the digital cash management program P when 
the second secret-key Ks2 is based on the customer's 
infonnation ic and the first secret- key Ks1 , tJien the gen- 
erated second secret-key Ks2 is transfen-ed to the retail 
shop's bank 114. 
40 [031 0] The retail shop's bank 1 1 4, to which the second 
secret-key Ks2 Is transferred from the customer's bank 
112, decrypts the encrypted digltai cash data Cnn1ks2 
by the second secret-key Ks2 using the digital cash 
management program P: 

45 

l^1=D(Ks2, Cm1ks2) 

and the decrypted digital cash data Ml Is deposited in 
50 the bank account of the retail shop's bank 114. 

[0311] In the general trade system, the retail shop 113 
stocks products from the maker 1 1 5 or from the whole- 
saler which Inten^enes between the retail shop 113 and 
the maker 115. Then the retail shop 113 sells the prod- 
55 ucts to the customer 111. Consequently, a trading f onn 
is present between the customer 1 1 1 and the retail shop 
113 just as between the retail shop 1 13 and the maker 
115. 



15 



20 



25 



80 



35 



40 



18 



35 



EP 0 715 241 B1 



36 



— [0312]--The-handling of the digital-cash between-the 
retail shop 113 and the maker 116 Is not basically differ- 
ent from the handling of the digital cash which is carried 
out between the customer 111 and the retail shop 113. 
Therefore, the explanation there will be omitted tor the 
saice of clarity, 

[0313] in this digital cash system, the digital cash Is 
handled through banks, As infomiation such as the 
processed amount of the digital cash, date, and the se- 
cret-key demanding party infomiatlon with respect to the 
handling of the digital cash is stored In the customer's 
bank, the residual amount of digital cash and usage his- 
tory can be grasped. 

[0314] Even inthe case where the usertemnlnai which 
is an electronic cash-box storing the digital cash data 
cannot be used owing to the loss or the breakage, It is 
possible to reissue the digital cash on the basis of the 
residual amount, and usage history kept in the custom- 
er's bank. 

[0315J It Is desirable to add a digital signature to the 
digital cash data for heighten the safety of the digital 
cash. 

[0316] in this example, digital cash Is added by the 
customer's information which may be accompanied by 
digital signature. Therefore, the digital cash in the ex- 
ample can also have a function of settlement system for 
checques drawn by customers. 
[0317] Also this system can be applicable to various 
systems In the International trading such as payment 
settlement of Import/export by a negotiation by a draft 
using a letter of credit and a bill of lading which have 
been executed by documents. 
[0318] In the video conference system, a television 
picture has been added to the conventional voice tele- 
phone set. Recently the video conference system is ad- 
vanced in which a computer system Is incorporated In 
the video conference system so that the quality of the 
voice and the picture are improved, and data can be 
handled at the same time as well as the voice and the 
picture, 

[0319] Under these circumstances, security against 
the violation of the usef's privacy and the data leakage 
due to eavesdropping by persons other than the partic- 
ipants of the conference are protected by the cryptosys- 
tem using a secret-key. 

[0320] However, since the conference content ob- 
tained by the participants themselves are decrypted, In 
the case where participants themselves store the con- 
tent of the conference and sometimes edit the content, 
and further, use for secondary usage such as distribu- 
tion to the persons otherthan the participants of the con- 
ference, the privacy of other participants of the video 
conference and data security remains unprotected. 
[0321] In particular, the compression technology of 
the transmission data is advanced while the volume of 
the data storage medium Is advanced with the resultthat 
the possibility is getting more and more realistic that all 
the content of the video conference Is copied to the data 



storage-medium or is transmitted via a-network.. 

[0322] In view of the circumstances, the example is 
intended, when video conference participants perfomn 
secondary use, to secure the privacy of other particl- 

5 pants and data security by using ttie aforementioned 
constitution of the data copyright management system. 
[0323] This video conference data management sys- 
tem can be actualized, for example, by replacing the da- 
tabase in the data copyright management system con- 

10 stitution shown in FIgurel with a participant of the video 
conference, the first user temnlnal with another partici- 
pant of the video conference, and the second user ter- 
minal with non-partlclpant of the video conference. 
[0324] An example when utilizing will be explained by 

IS using Figure 15. 

[0325] Referring to Figure 15, reference numeral 121 
represents a participant as a host of the video confer- 
ence, 122 a participant of the video conference as a 
guest, 123 a non-participant of the video conference as 

20 a user, 1 24 a non-partk:ipant of the video conference as 
anotheruser, 2 a communication network such as a pub- 
lic telephone line provided by the communication enter- 
prise and a CA television line provided by the cable tel- 
evision enterprise or the like. The participant 121 of the 

25 video conference Is connected to the participant 122 of 
the video conference via the communication network 2. 
Further, the participant 122 of the video conference can 
be connected to the non-participant 123 of the video 
conference, and the non-participant 123 of the video 

30 conference to the non-participant 1 24 of the video con- 
ference, via the communication network 2. Reference 
numeral 125 and 126 represent a data recording medi- 
um. 

[0326] Refening to Figure 15, what Is represented by 
35 the broken line is a path of the encrypted video confer- 
ence content, represented by the solid line Is a path re- 
questing the crypt key from the non^partlcipants of the 
video conference 123 and 124 to the participant of the 
television conference 121 , and represented by the one- 
40 dot chain line Is a path of crypt keys from the participant 
of the video conference 1 21 to the participant of the vid- 
eo conference 122 and the non-participants of the video 
conference 123 and 124.. 

[0327] In this example, a video conference data man- 
45 agement system Is described here only the protection 
for data security and privacy in case of the video con- 
ference participant 121 to simplify the explanation, how- 
ever, It Is of course, possible to protect for data security 
and privacy of the video conference participant 122. 
50 [0328] A video conference data management pro- * 
gram P for encryption/decryption of the video confer- 
ence data of the participant 121 including audio and pic- 
ture is previously distributed to the video conference 
participant 1 22 and the video conference non-partici- 
55 pants 1 23 and 1 24, and Is stored in each terminal. This 
video conference data management program P may be 
transferred whenever a crypt-key Is transferred. 
[0329] In this example, further, a first secret-key pre- 
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-pared by the video conference particIpanH 217a second - 
secret-key prepared by the video conference participant 
t22, a third secret-key prepared by the video conference 
non-participant 123 and subsequent secret-keys pre- 
pared similarly are used as a crypt key. 
[0330] The video conference participant 1 21 and the 
video conference participant 122 perfonn the video con- 
ference by transntlttlng audio, picture and data {referred 
to as video conference data on the v^rhole) each other, 
using each tennlnal via communication network 2, Be- 
fore the video conference, the video conference partic- 
ipant 121 generates or selects the first secret-key Ksl 
to transfer to the video conference participant 122 prior 
to the start of the video conference. 
[0331] The video conference participant 122 recelv- 
Ingtheflrstsecret-keyKsl generates the second secret- 
key Ks2 by the first secret-key Ksl using the video con- 
ference data management program P: 

Ks2=P(Ks1). 

[0332] The generated second secret-key Ks2 Is 
stored In the terminal. 

[0333] The video conference participant 1 21 encrypts 
the video conference data MO with the first secret-key 
Ks1 , in the video conference through the communica- 
tion network 2; 

CmOk6l=E(Ks1,MO) 

and transfers the encrypted video conference data 
CmOksi to the video conference participant 122. 
[0334] The video conference participant 1 22 who re- 
ceives the video conference data CmOksl encrypted by 
the first secret-key Ksl decrypts the video conference 
data CmOksl by the first secret-key Ks1 : 

M0=D(ks1, CmOksl) 

and uses decrypted video conference data MO. 
[0335] Further, the second secret-key Ks2 is generat- 
ed based on the first secret-key Ksl with the video con- 
ference data management program P: 

Ks2=P{Ks1). 

[0336] In the case where the decrypted video confer- 
ence data MO is stored In the temilnal of the participant 
122 of the video conference, copied to the data record 
medium 125, ortransfen-edtothe non-participant of the 
video conference via the communication network 2, the 
data M is encrypted by the second secret- key Ks2 using 
the video conference data management program P: 
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Cmks2=E(Ks2, M). 

[0337] The encrypted data Cmks2 Is copied to the 
record medium 125 or supplied to the non-participant of 
the video conference via the communication network 2, 
together with the video conference data name orthe vid- 
eo conference data number. 

[0338] The non-participant of the video conference 
1 23 who obtains the encrypted data CmKs2 requests to 
the participant 121 for the secondary use of the video 
conference data M from the terminal by specifying the 
name or number of the video conference data. 
[0339J The participant 121 of the video conference 
who receives the request forthe second use of the data 
M finds out the first secret-key Ksl according to the 
name orthe number of the video conference data name 
or numberto generate the second secret-key Ks2 based 
on the first secret-key Ksl ; 



I<s2=P{Kb1) 

and supplies the generated second secret-key Ks2 to 
the non-participant of the video conference 123. 
[0340] The non-partlclpant of video conference 123 
who receives the second secret-key Ks2 decrypts the 
encrypted data Cmks2 by the second secret-key Ks2 by 
using the television conference data management pro- 
gram P: 

M=D{Ks2, Cmks2) 

and then, uses decrypted video conference data M. 
[0341] in the case where the video, conference data 
M is stored In the terminal of the non-participant of the 
video conference 123, copied to the record medium 126, 
or transmitted to the non-partlclpant of the video confer- 
ence 124, the video conference data M is encrypted by 
the second secret-key Ks2 using the video conference 
data management program P: 

Cmks2=E(Ks2, M). 

[0342] incidentally, the third secret-key Ks3 may be 
generated on the basis of the second secret-key Ks2 
with the video conference data management program P: 

Ks3=P(Ke2). 

and the data M can be encrypted with the video confer- 
ence data management program P by this generated 
third secret-key Ks3: 
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Cmks3=E(Ks3, M). 



Claims 

1 . A data copyright management apparatus comprls- 
ing: 

a user terminal (20, 95, 1 05) having a second 
microprocessor (21 , 46) 
a first microprocessor (1 6) 
a first iocal bus (17) connected to said first mi- 
croprocessor (16) 

a read-only semiconductor memory (1 8) and a 
read/write memory (1 9) connected to said iocai 
bus (17); 

wherein one of the second microprocessor (21 , 46) 
and the first microprocessor (16) perfomns decryp- 
tion of encrypted digital data and the other concur- 
rently perfomns re-encryptlon of the decrypted dig- 
ital data. 

2. A data copyright management apparatus compris- 
ing 

a first microprocessor (1 6) and a second micro- 
processor (91); 

a first local bus (1 7) connected to said first mi- 
croprocessor (16); 

a first read-only semiconductor memory (18) 
and first read/write memory (1 9) connected to 
said first iocal bus (17); and, 

a second local bus (94) connected to said sec- 
ond microprocessor (91) 

a second read-only, semiconductor memory 
(92) and a second read/write memory (93) con- 
nected to said second local bus (94); 

wherein, said first microprocessor (1 6) decrypts en- 
crypted digital data, and concun-entiy said second 
microprocessor (91) re-encrypts the decrypted dig- 
ital data. 
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Storing a second private-key,-apermit-i<eyra sec6nd- 

secret-key and copyright Infomiation, 
and said first iocai bus (17) being connected with 
. said electrically erasable programmable memory 
(31). 

A, A data copyright management apparatus according 
to claim 3, characterised by 

the electrically erasable programmable memory 
(31 ) storing a copyright management program, and 
said first local bus (17) being connectable to a sys- 
tem bus (22) of said user temilnal, 

5, A data copyright management apparatus according 
to claim 3, characterised by 

the read-only semiconductor memory (18), the 
electrically erasable programmable memory (31) 
and the read/write memory (19) being connectable 
to a system bus (22) of said user terminal, and 
the read-only semiconductor memory (IB) storings 
copyright management program. 

6, The data copyright management apparatus accord- 
ing to claim 1 , 2, 3, 4 and 6, wherein the re-encrypt- 
ed digital data Is stored, copied ortransfen'ed. 

7, The data copyright management apparatus accord- 
ing to claim 6, wherein the decrypted digital data is 
further displayed or edited. 

B. The data copyright management apparatus accord- 
ing one of the claims 1 to 7 which is configured In 
the form of an IC. 

9. The data copyright management apparatus accord- 
ing to one of the claims 1 to 7, which is configured 
Inthefomn of an ICcard, 

10. The data copyright management apparatus accord 
ing to one of the clalnns 1 to 7, which Is configured 
In the fonri of a PC card. 



1 1 . The data copyright management apparatus accord- 
ing to one of the claims 1 to 7, which Is configured 
45 in the fomn of an Insertion board. 



PatentansprOche 



3. A data copyright management apparatus according so i, Datenurtieben-echts-Verwaitungsvon-ichtung, wel- 



to claim 1 , characterised by 

the read-only semiconductor memory (1 B) storing a 

data copyright management system program, crypt 

algorithm and user infonnation, 

the read/Write memory (1 9) having afirst public-key, 

a first private-key, a second public-key and a first 

crypt-key, transmitted during operation; 

an electrically erasable programmable memory (31) 
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che aufwelst: 

Ein Benutzerendgerfit (20, 95, 105) mit einem 
zwelten IVlikroprozessor (21 , 46), 

einen ersten IWikroprozessor (16), 

elnen ersten iokalen Bus (17), der mIt dem er- 
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stenMIkroprozessor {16)-verbunden-ist;- 



istr 



einen Halblelter-Festwertspelcher (18) und ei- 
nen Lese/Schrelb-Spelcher (19), die mit dem 
lokalen Bus (1 7) verbunden sind; 

wobel einer von dem zweiten Mikroprozessor (21 , 
46) und dem ersten Mikroprozessor (16) eine Eht- 
schiusseiung von verschlQsselten digitaien Daten 
durchfiihrt und der andere glelchzeitig eine Wider- 
verschiiisselung der entschiusselten digltalen Da- 
ten durchfiihrt. 



Daten urheberrechts-Verwaltungsvorrichtung nach 
Anspruch 1 , dadurch gekennzelchnet, dase 
der Halbieiter-Festweilspeicher (18) ein Datenur- 
heberrechts-Verwaitungssystemprogramm, elnen 
Verschlusseiungsaigorithmus und Benutzerinfor- 
mationen speichert, 

der Lese/Schreib-Spelcher (1 9) einen ersten 6ffent- 
iichen SchlQ&sei, einen ersten privaten SchiQssel, 
einen zweiten dffentiichen Schiussel und einen er- 
sten Verschlusselungsschiussel hat, die w&hrend 
der Operation Qbertragen wurden; eIn eiektrisch 
foBchbarer programmierbarer Speicher (31 ) vorge- 
sehen fst, der einen zweiten privaten SchlQssei, ei- 
nen Eriaubnisschiiisset, einen zweiten Gehetm- 
schiussei und Urheberrechtsinfomriationen spei- 
chert, 

und der erste iokaie Bus (17) mit dem eiektrisch 
ioschbaren programmierbaren Speicher (31) ver- 
bunden ist 

Datenurheberrechts-Verwaltungsvorrichtung nach 
Anspruch 3. dadurch gekennzelchnet, dass 
der eiektrisch ioschbare programmlerbare Spei- 
cher (31) eIn Urheberrechtsverwaltungsprogmmm 
speichert und der erste iokaie Bus (17) mit einem 
Systembus (22) des Benutzerendgerats verbindbar 



5, Datenurheberrechts-Verwaitungsvon-ichtung nach 
Anspruch 3, dadurch gekennzelchnet, dass 

5 der Halblelter-Festwertspetcher (IB), der eiektrisch 
Ifischbare programmlerbare Speicher (31) und der 
Lese/Schrelb-Speicher (19) mit einem Systembus 
(22) des Benutzerendger&ts verbindbar eind, und 
der Haibteiter-Festwertspeicher (18) eln Urheber- 

10 rechtsverwaltungsprogramm speichert. 
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Datenurheberrechts-Verwaltungsvorrichtung, wei- 
che aufweist, 

einen ersten IVIikroprozessor (16) und einen zwei- 
ten Prozessor(91); 

einen ersten lokalen Bus (17), der mit dem ersten 
Mikroprozessor (16) verbunden ist; 
einen ersten Haibleiter-Festwertspelcher (IB) und 
einen ersten Lese/Schreib-Spelcher (19), die mit 
dem ersten iokalen Bus (17) verbunden sind; und 
einen zweiten iokalen Bus (94), der mtt dem zweiten 
Mikroprozessor (91) verbunden ist; 
einen zweiten Haibieiter-Festwertspelcher (92) und 25 9, 
einen zweiten Lese/Schreib-Spelcher (93), die mit 
dem zweiten lokalen Bus (94) verbunden sind; 
be! der der erste Mikroprozessor (16) vers'chiussel- 
te dtgltale Daten entschlDsselt und glelchzeitig der 
zweite Mikroprozessor (91) die entschiusselten di- 
gitaien Daten wiederverschiusseit 



6. Datenurheberrechts-VerwaitungsvoH'ichtung nach 
Anspruch 1 , 2, 3, 4 und 5, bei der die wiederver- 
schiusseiten digitaien Daten gespeichert, koplert 
Oder Qbertragen werden. 

7, Datenurheberrechts-Venwaitungsvonichtung nach 
Anspruch 6, bel der die entschlQsselten digitaien 
Daten welterhin an gezeigtoderaufbereltet werden. 



Datenurheben^echts-Venvaitungsvonichtung nach 
einem der Anspruche 1 -7, welche in der Fomi einer 
iC (integrierte Schaltung) kontlguriert ist. 

Datenurheben'echts-Verwaltungsvonichtung nach 
einem der Anspruche 1 -7, welche in der Fonn einer 
iC-Karte konfiguriert ist. 



10. Daten urheberrechts-Verwaitungsvon'Ichtung nach 
30 einem der Anspruche 1 -7, welche In der Fonn einer 
PC-Karte konfiguriert ist. 



11. Daten urheben-echts-Verwaltungsvonichtung nach 
einem der Anspruche 1 -7, welche in der Fomn einer 
35 Einsteckkarte konfiguriert ist. 



Revendications 

40 1. Apparell de gestion de donn^es de copyright 
comprenant : 

un terminal utilisateur (20, 95, 105) possSdant 
un deuxifeme mlcroprocesseur (21 , 46) 
45 un premier mlcroprocesseur (16)- 

un premier bus local (1 7) reli6 audit premier ml- 
croprocesseur (16) 

une m6molre morte 6 semi-con ducteuris (1 B) et 
une m6molre vive (19) relives audit bus local 
(17); 



50 



55 



dans lequei I'un pamni ie deuxi^me mlcropro- 
cesseur (21 , 46) et Ie premier mlcroprocesseur (1 6) 
effectue un d§cryptagede donn6es num6riques en- 
crypt6es et i'autre effectue slmuitan6ment un r6-en- 
cryptage des donn6es num6riques d6crypt6es. 

2. Apparell de gestion de donn^es de copyright com- 
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prenant- 

un premier microprocesseur (16) et un 
deuxifeme microprocesseur (91) ; 

un premier bus local (17) reli6 audit premier 
microprocesseur (16) ; 

une premifere m^molre morte ^ semi-conduc- 
teurs (1 8) et une premiere m6molre vive (1 9) rell6es 
audit premier bus local (1 7) ; et 

un deuxi^me bus local (94) reiI6 audit deuxife- 
me microprocesseur (91) 

une deuxifeme m6moire morte 6 semi-con- 
ducteurs (92) et une deuxifeme m6molre vive (93) 
reli6es audit deuxI6me bus local (94) ; 

dans lequel ledit premier microprocesseur 
(1 6) d6crypte des donn6es num6riquesencrypt6es, 
et ledit deuxi^me microprocesseur (91 ) re-encrypte 
slmultan6ment les dohn6es num6riques d6cryp- 
t^es. 

3. Apparel! de gestion de donn6es de copyright selon 
la revendicatlon 1 , caracterls^ par 

la memoire morte k seml-conducteurs (IB) 
stoclcant un programme de systfeme de gestion de 
donn6es de copyright, un algorlthme de cryptage et 
des informations utilisateur, 

la m6moire vive (1 9) poss6dant une premiere 
ci6 pubilque, une premiere cl6 priv6e, une deuxife- 
me cl6 pubiique et une premlfere cl6 de cryptage, 
transmises pendant une operation ; 

une m6moire programmable effa9able 6lectri- 
quement.(31) stockant une deuxifeme cl6 priv6e, 
une cl6 d'autorisatlon, une deuxifeme cl6 secrete et 
des informations de copyright, 

et ledit premier bus local (17) 6tant rell6 k la- 
dite memoire programmable effagable eiectrique- 
ment(31). 

4. Apparell de gestion de donn6es de copyright selon 
ta revendlcation 3, caracterise par 

)a m6molre programmable effa^able 6!ectrl- 
quement (31) stockant un programme de gestion 
de copyright, et ledit premier bus local (1 7) pouvant 
Stre reli6 k un bus systdme (22) dudlt temninal utili- 
sateur. 

5. Appareil de gestion de.donn6es de copyright selon 
la revendicatlon 3, caracterise par 

la m6molre morte 6 seml-conducteurs (1 8), la 
m6molre programmable effapable eiectriquement 
(31) et la m6molre vive (19) pouvant Stre relides k 
un bus systfeme (22) dudlt terminal utilisateur, et 

la m6moire morte k senni-conducteurs (1B) 
stockant uri programme de gestion de copyright. 



10 9. 



-Appareil-de-gestion-de-donn6es-de-cDpyright-selon-- 
la revendicatlon 6, dans lequel les donn6es num6- 
riques d6crypt6es sont en outre afflch6es ou 6dh 
t6es. 

Apparell de gestion de donn6es de copyright selon 
les revendlcatlons 1 6 7, qui est configure sous la 
tomie d'un circuit int6gr6. 

Apparell de gestion de donn6es de copyright selon 
I'une des revendlcatlons 1 k 7, qui est configure 
sous la forme d'une carte de circuit int6gr6. 
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10. Apparell de gestion de donn^es de copyright selon 
rune des revendlcatlons 1 k 7, qui est conflgur6 
sous la fonne d'une carte PC. 

11. Apparell de gestion de donn6es de copyright selon 
i'une des revendlcatlons 1 & 7, qui est configure 
sous la fonne d'une carte d'Insertion. 



6, Appareil de gestion de donn6es de copyright selon 
ia revendicatlon 1 , 2, 3, 4 et 5, dans lequel les don- 
n6es numdriques encrypt6es sont stock6es, co- 
pl6esou transferees. 
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Fig. 1 
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Fig. 4 
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Fig. 5 
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Fig. 8 
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Fig. 9 
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Fig. 10 
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Fig. 1 1 
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Fig. 12 
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Fig. 13 
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Fig. 14 
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